slb template policy forward-policy¶

Specification	Value
Type	list
Block object keys

ssli-url-filtering

Description ‘bypassed-sni-disable’: Disable SNI filtering for bypassed URL’s(enabled by default); ‘intercepted-sni-enable’: Enable SNI filtering for intercepted URL’s(disabled by default); ‘intercepted-http-disable’: Disable HTTP(host/URL) filtering for intercepted URL’s(enabled by default); ‘no-sni-allow’: Allow connection if SNI filtering is enabled and SNI header is not present(Drop by default);

Type: string

Supported Values: bypassed-sni-disable, intercepted-sni-enable, intercepted-http-disable, no-sni-allow

Specification	Value
Type	list
Block object keys

ssli-url-filtering-san

Description ‘enable-san’: Enable SAN filtering(disabled by default); ‘bypassed-san-disable’: Disable SAN filtering for bypassed URL’s(enabled by default); ‘intercepted-san-enable’: Enable SAN filtering for intercepted URL’s(disabled by default); ‘no-san-allow’: Allow connection if SAN filtering is enabled and SAN field is not present(Drop by default);

Type: string

Supported Values: enable-san, bypassed-san-disable, intercepted-san-enable, no-san-allow

Specification	Value
Type	list
Block object keys

action1

Description ‘forward-to-internet’: Forward request to Internet; ‘forward-to-service-group’: Forward request to service group; ‘forward-to-proxy’: Forward request to HTTP proxy server; ‘drop’: Drop request;

Type: string

Supported Values: forward-to-internet, forward-to-service-group, forward-to-proxy, drop

drop-message

Description drop-message sent to the client as webpage(html tags are included and quotation marks are required for white spaces)

Type: string

Format: string-rlx

Maximum Length: 1023 characters

Maximum Length: 1 characters

Mutual Exclusion: drop-message and drop-redirect-url are mutually exclusive

drop-redirect-url

Description Specify URL to which client request is redirected upon being dropped

Type: string

Format: string-rlx

Maximum Length: 1023 characters

Maximum Length: 1 characters

Mutual Exclusion: drop-redirect-url, drop-response-code, and drop-message are mutually exclusive

drop-response-code

Description Specify response code for drop action

Type: number

Range: 100-599

Mutual Exclusion: drop-response-code and drop-redirect-url are mutually exclusive

fake-sg

Description service group to forward the packets to Internet

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

fall-back

Description Fallback service group for Internet

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

fall-back-snat

Description Source NAT pool or pool group for fallback server

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Mutual Exclusion: fall-back-snat and fall-back-snat-pt-only are mutually exclusive

fall-back-snat-pt-only

Description Source port translation only for fallback server

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: fall-back-snat-pt-only and fall-back-snat are mutually exclusive

forward-snat

Description Source NAT pool or pool group

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Mutual Exclusion: forward-snat and forward-snat-pt-only are mutually exclusive

forward-snat-pt-only

Description Source port translation only

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: forward-snat-pt-only and forward-snat are mutually exclusive

http-status-code

Description ‘301’: Moved permanently; ‘302’: Found;

Type: string

Supported Values: 301, 302

Default: 302

log

Description enable logging

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

name

Description Action policy name

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

proxy-chaining

Description Enable proxy chaining feature

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

proxy-chaining-bypass

Description Forward all https packets to upstream proxy

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

real-sg

Description service group to forward the packets

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

sampling-enable

Type: List

support-cert-fetch

Description Fetch server certificate by upstream proxy

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

user-tag

Description Customized tag

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

Specification	Value
Type	list
Block object keys

counters1

Description ‘all’: all; ‘hits’: Number of requests matching this destination rule;

Type: string

Supported Values: all, hits

Specification	Value
Type	list
Block object keys

fall-back

Description Fallback service group

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/slb/service-group

fall-back-snat

Description Source NAT pool or pool group for fallback

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/ip/nat/pool

ipv4

Description IPv4 service group to forward

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/slb/service-group

ipv4-snat

Description IPv4 source NAT pool or pool group

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/ip/nat/pool

ipv6

Description IPv6 service group to forward

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/slb/service-group

ipv6-snat

Description IPv6 source NAT pool or pool group

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/ipv6/nat/pool

log

Description enable logging

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

name

Description Action name

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

sampling-enable

Type: List

user-tag

Description Customized tag

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

Specification	Value
Type	list
Block object keys

counters1

Description ‘all’: all; ‘hits’: Number of requests forward by this action;

Type: string

Supported Values: all, hits

Specification	Value
Type	list
Block object keys

destination

Description: destination is a JSON Block. Please see below for source-list_destination

Type: Object

Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy/source/{name}/destination

match-any

Description Match any source

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: match-any and match-class-list are mutually exclusive

match-authorize-policy

Description Authorize-policy for user and group based policy

Type: string

Maximum Length: 128 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/aam/authorization/policy

match-class-list

Description Class List Name

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Mutual Exclusion: match-class-list and match-any are mutually exclusive

name

Description source destination match rule name

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

priority

Description Priority of the source(higher the number higher the priority, default 0)

Type: number

Range: 1-2000

sampling-enable

Type: List

user-tag

Description Customized tag

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

Specification	Value
Type	object

adv-match-list

Type: List

Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy/source/{name}/destination/adv-match/{priority}

any

Description: any is a JSON Block. Please see below for source-list_destination_any

Type: Object

Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy/source/{name}/destination/any

class-list-list

Type: List

Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy/source/{name}/destination/class-list/{dest-class-list}

web-category-list-list

Type: List

Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy/source/{name}/destination/web-category-list/{web-category-list}

web-reputation-scope-list

Type: List

Reference Object: /axapi/v3/slb/template/policy/{name}/forward-policy/source/{name}/destination/web-reputation-scope/{web-reputation-scope}

Specification	Value
Type	list
Block object keys

action

Description Action to be performed

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

dest-class-list

Description Destination Class List Name

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

dual-stack-action

Description Dual-stack action to be performed

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

priority

Description Priority value of the action(higher the number higher the priority)

Type: number

Range: 1-1024

type

Description ‘host’: Match hostname; ‘url’: Match URL; ‘ip’: Match destination IP address;

Type: string

Supported Values: host, url, ip

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

Specification	Value
Type	list
Block object keys

action

Description Action to be performed

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

dual-stack-action

Description Dual-stack action to be performed

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

priority

Description Priority value of the action(higher the number higher the priority)

Type: number

Range: 1-1024

type

Description ‘host’: Match hostname; ‘url’: match URL;

Type: string

Supported Values: host, url

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

web-category-list

Description Destination Web Category List Name

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/web-category/category-list

Specification	Value
Type	object

action

Description Action to be performed

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

Mutual Exclusion: action and dual-stack-action are mutually exclusive

dual-stack-action

Description Dual-stack action to be performed

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

Mutual Exclusion: dual-stack-action and action are mutually exclusive

sampling-enable

Type: List

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

Specification	Value
Type	list
Block object keys

counters1

Description ‘all’: all; ‘hits’: Number of requests matching this destination rule;

Type: string

Supported Values: all, hits

Specification	Value
Type	list
Block object keys

action

Description Forwading action of this rule

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

Mutual Exclusion: action and dual-stack-action are mutually exclusive

disable-reqmod-icap

Description Disable REQMOD ICAP template

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

disable-respmod-icap

Description Disable RESPMOD ICAP template

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

dual-stack-action

Description Forwarding action of this rule

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

Mutual Exclusion: dual-stack-action and action are mutually exclusive

match-host

Description Match request host (HTTP stage) or SNI/SAN (SSL stage)

Type: string

Maximum Length: 128 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/class-list

match-http-content-encoding

Description Match the value of HTTP header “Content-Encoding”

Type: string

Maximum Length: 128 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/class-list

match-http-content-length-range-begin

Description Match the value of HTTP header “Content-Length” with an inclusive range

Type: number

Range: 0-2147483647

match-http-content-length-range-end

Description End of the “Content-Length” range

Type: number

Range: 0-2147483647

match-http-content-type

Description Match the value of HTTP header “Content-Type”

Type: string

Maximum Length: 128 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/class-list

match-http-header

Description Matching the name of all request headers

Type: string

Maximum Length: 128 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/class-list

match-http-method-connect

Description Match HTTP request method CONNECT

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

match-http-method-delete

Description Match HTTP request method DELETE

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

match-http-method-get

Description Match HTTP request method GET

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

match-http-method-head

Description Match HTTP request method HEAD

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

match-http-method-options

Description Match HTTP request method OPTIONS

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

match-http-method-patch

Description Match HTTP request method PATCH

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

match-http-method-post

Description Match HTTP request method POST

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

match-http-method-put

Description Match HTTP request method PUT

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

match-http-method-trace

Description Match HTTP request method TRACE

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

match-http-request-file-extension

Description Match file extension of URL in HTTP request line

Type: string

Maximum Length: 128 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/class-list

match-http-url

Description Match URL in HTTP request line

Type: string

Maximum Length: 128 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/class-list

match-http-url-regex

Description Match URI in HTTP request line by given regular expression

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

match-http-user-agent

Description Matching the value of HTTP header “User-Agent”

Type: string

Maximum Length: 128 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/class-list

match-server-address

Description Match target server IP address

Type: string

Maximum Length: 128 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/class-list

match-server-port

Description Match target server port number

Type: number

Range: 1-65535

Mutual Exclusion: match-server-port and match-server-port-range-begin are mutually exclusive

match-server-port-range-begin

Description Math targer server port range inclusively

Type: number

Range: 1-65535

Mutual Exclusion: match-server-port-range-begin and match-server-port are mutually exclusive

match-server-port-range-end

Description End of port range

Type: number

Range: 1-65535

match-time-range

Description Enable rule in this time-range

Type: string

Maximum Length: 128 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/slb/forward-proxy/time-range

match-web-category-list

Description Match web-category list

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/web-category/category-list

match-web-reputation-scope

Description Match web-reputation scope

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/web-category/reputation-scope

notify-page

Description Send notify-page to client

Type: string

Maximum Length: 128 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/slb/forward-proxy/notify-page

priority

Description Rule priority (1000 is highest)

Type: number

Range: 1-1000

sampling-enable

Type: List

user-tag

Description Customized tag

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

Specification	Value
Type	list
Block object keys

counters1

Description ‘all’: all; ‘hits’: Number of requests hit this rule;

Type: string

Supported Values: all, hits

Specification	Value
Type	list
Block object keys

action

Description Action to be performed

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

dual-stack-action

Description Dual-stack action to be performed

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

priority

Description Priority value of the action(higher the number higher the priority)

Type: number

Range: 1-1024

type

Description ‘host’: Match hostname; ‘url’: match URL;

Type: string

Supported Values: host, url

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

web-reputation-scope

Description Destination Web Reputation Scope Name

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/web-category/reputation-scope

Specification	Value
Type	list
Block object keys

counters1

Description ‘all’: all; ‘hits’: Number of requests matching this source rule; ‘destination-match-not-found’: Number of requests without matching destination rule; ‘no-host-info’: Failed to parse ip or host information from request;

Type: string

Supported Values: all, hits, destination-match-not-found, no-host-info