Default max-conn, Default exceed-action – Brocade Communications Systems ServerIron ADX 12.4.00a User Manual

ServerIron ADX Security Guide

29

53-1002440-03

HTTP TRL policy commands

1

•

<holddown-interval>—specifies the length of hold down period, if client exceeds rate limit in
term of minutes.

NOTE

Value 0 means do not hold down. Hold down holds all traffic.

Example

ServerIronADX(config-http-trl-p1)# default monitor-interval 1 10 20 0

Default max-conn

Use the default max-conn option in the http-trl-policy configuration mode to set default maximum
connection parameters.

Syntax: [no] default max-conn <max-conn-value>

<max-conn-value>—specifies maximum number of connections client can setup.

Example

ServerIronADX(config-http-trl-p1)# default max-conn 10

NOTE

Max-conn currently supports only HTTP/1.0.

Default exceed-action

Use the default exceed-action option in the http-trl-policy configuration mode to set the action to
take if a default exceeds the configured rate limit.

Syntax: [no] default exceed-action [reset | drop]

[reset | drop] specifies default request be reset or dropped if the limit is exceeded.

Example

ServerIronADX(config-http-trl-p1)# default exceed-action [reset | drop]

Syntax: [no] default exceed-action redirect <domain> <url> [port]

<domain> and <url>—specifies client request to be redirected to this new URL, if limit is exceeded.

NOTE

Use an asterisk (*) to keep the same domain or url.

ServerIronADX(config-http-trl-p1)# default exceed-action redirect *

/new/exceed.html http

NOTE

The same domain is used in the incoming packet.

The optional [port] specifies the new TCP port number for the redirected URL.

ServerIronADX(config-http-trl-p1)# default exceed-action redirect www.yahoo.com

/exceed.html http