Client-name <client-name> exceed-action, Default monitor-interval – Brocade Communications Systems ServerIron ADX 12.4.00a User Manual


ServerIron ADX Security Guide

53-1002440-03

HTTP TRL policy commands


<max-conn-value>—specifies the maximum number of connections a client can set up.

Example

ServerIronADX(config-http-trl-p1)# client-name c1 max-conn 10

NOTE

You must set the client HTTP max-conn configuration before you configure the client exceed-action.

NOTE

Max-conn currently supports only HTTP/1.0.

Client-name <client-name> exceed-action

Use the client-name <client-name> exceed-action option in the http-trl-policy configuration mode to
set the action to take if a client exceeds the configured rate limit.

Syntax: [no] client-name <client-name> exceed-action [reset | drop]

[reset | drop] specifies whether the client request is reset or dropped if the client exceeds the limit.

Example

ServerIronADX(config-http-trl-p1)# client-name c1 exceed-action [reset]

Syntax: [no] client-name <client-name> exceed-action redirect <domain> <url> [port]

<domain> and <url>—specify the new URL to which the client request is redirected if the limit is exceeded.

NOTE

Use an asterisk (*) to keep the same domain or URL. This does not apply if the client is using HTTP 1.0.

ServerIronADX(config-http-trl-p1)# client-name c1 exceed-action redirect * /new

exceed.html http

NOTE

The same domain is used in the incoming packet.

The optional [port] specifies the new TCP port number for the redirected URL.

ServerIronADX(config-http-trl-p1)# client-name c1 exceed-action redirect www.yahoo.com exceed.html http
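The following linter is an added example, not part of the Brocade manual: it checks a saved list of client-name commands against the syntax and NOTEs above (max-conn must be set before exceed-action; the asterisk does not apply to HTTP/1.0 clients, which are the only clients max-conn supports). The function name, the sample lines and the finding messages are constructed for illustration, and it assumes keywords are typed without the brackets used in the syntax notation.

```python
import re

# Constructed sample policy lines (not from the manual), in the syntax shown above.
SAMPLE = """\
client-name c1 max-conn 10
client-name c1 exceed-action reset
client-name c2 exceed-action drop
client-name c3 max-conn 5
client-name c3 exceed-action redirect * /exceed.html http
client-name c4 exceed-action bounce
"""

LINE = re.compile(r"^(no\s+)?client-name\s+(\S+)\s+(max-conn|exceed-action)\s*(.*)$")

def lint_trl_policy(text):
    """Return (line_no, client, message) findings for client-name commands."""
    findings, has_max_conn = [], set()
    for no, raw in enumerate(text.splitlines(), 1):
        m = LINE.match(raw.strip())
        if not m:
            continue  # not a client-name max-conn/exceed-action command
        negated, client, keyword, rest = m.groups()
        args = rest.split()
        if keyword == "max-conn":
            if negated:
                has_max_conn.discard(client)
            elif len(args) == 1 and args[0].isdigit():
                has_max_conn.add(client)
            else:
                findings.append((no, client, "max-conn needs one numeric value"))
            continue
        if negated:
            continue  # removing an exceed-action needs no further checks
        # NOTE in the manual: max-conn must be configured before exceed-action.
        if client not in has_max_conn:
            findings.append((no, client, "exceed-action before max-conn"))
        if args in (["reset"], ["drop"]):
            continue
        if args[:1] == ["redirect"] and len(args) in (3, 4):  # [port] is optional
            # Derived from two NOTEs: max-conn is HTTP/1.0 only, '*' is not.
            if "*" in args[1:3] and client in has_max_conn:
                findings.append((no, client, "'*' does not apply to HTTP/1.0 clients"))
            continue
        findings.append((no, client, "exceed-action must be reset, drop or redirect"))
    return findings

if __name__ == "__main__":
    for finding in lint_trl_policy(SAMPLE):
        print("line %d, client %s: %s" % finding)
```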

Default monitor-interval

Use the default monitor-interval option in the http-trl-policy configuration mode to set default rate
limiting parameters.

Syntax: [no] default monitor-interval <interval-value> <warning-rate> <shutdown-rate> <holddown-interval>

<interval-value>—specifies the monitoring window in units of 100 ms.

<warning-rate>—specifies the HTTP connection rate (per second) that causes a warning if
exceeded.

<shutdown-rate>—specifies the HTTP connection rate (per second) that causes the client to be
held down.
