:original_name: ListCustomRules.html
.. _ListCustomRules:
Querying Precise Protection Rules
=================================
Function
--------
This API is used to query the list of precise protection rules.
URI
---
GET /v1/{project_id}/waf/policy/{policy_id}/custom
.. table:: **Table 1** Path Parameters
+------------+-----------+--------+------------------------------------------------------------------+
| Parameter | Mandatory | Type | Description |
+============+===========+========+==================================================================+
| project_id | Yes | String | Project ID |
+------------+-----------+--------+------------------------------------------------------------------+
| policy_id | Yes | String | Policy ID. It can be obtained by calling the **ListPolicy** API. |
+------------+-----------+--------+------------------------------------------------------------------+
.. table:: **Table 2** Query Parameters
+-----------------+-----------------+-----------------+------------------------------------------------------------------+
| Parameter | Mandatory | Type | Description |
+=================+=================+=================+==================================================================+
| page | No | Integer | Page number. |
| | | | |
| | | | Default: **1** |
+-----------------+-----------------+-----------------+------------------------------------------------------------------+
| pagesize | No | Integer | Number of records on each page. The maximum value is 2147483647. |
+-----------------+-----------------+-----------------+------------------------------------------------------------------+
Request Parameters
------------------
.. table:: **Table 3** Request header parameters
+-----------------+-----------------+-----------------+--------------------------------------------+
| Parameter | Mandatory | Type | Description |
+=================+=================+=================+============================================+
| X-Auth-Token | Yes | String | auth token |
+-----------------+-----------------+-----------------+--------------------------------------------+
| Content-Type | No | String | Content type. |
| | | | |
| | | | Default: **application/json;charset=utf8** |
+-----------------+-----------------+-----------------+--------------------------------------------+
Response Parameters
-------------------
**Status code: 200**
.. table:: **Table 4** Response body parameters
+-----------+-----------------------------------------------------------------------------------+-------------------------------+
| Parameter | Type | Description |
+===========+===================================================================================+===============================+
| total | Integer | Number of rules in the policy |
+-----------+-----------------------------------------------------------------------------------+-------------------------------+
| items | Array of :ref:`CustomRuleBody ` objects | Array of custom rules |
+-----------+-----------------------------------------------------------------------------------+-------------------------------+
.. _listcustomrules__response_customrulebody:
.. table:: **Table 5** CustomRuleBody
+-----------------------+---------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Parameter | Type | Description |
+=======================+===========================================================================+====================================================================================================================================================================================+
| id | String | Rule ID. |
+-----------------------+---------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| policyid | String | Policy ID. |
+-----------------------+---------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| description | String | Rule description. |
+-----------------------+---------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| status | Integer | Rule status. The value can be **0** or **1**. |
| | | |
| | | - **0**: The rule is disabled. |
| | | |
| | | - **1**: The rule is enabled. |
+-----------------------+---------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| conditions | Array of :ref:`conditions ` objects | List of matching conditions. All conditions must be met. |
+-----------------------+---------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| action | :ref:`CustomAction ` object | Protective action of the precise protection rule. |
+-----------------------+---------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| priority | Integer | Priority of a rule. A small value indicates a high priority. If two rules are assigned with the same priority, the rule added earlier has higher priority. Value range: 0 to 1000. |
+-----------------------+---------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| timestamp | Long | Timestamp when the precise protection rule is created. |
+-----------------------+---------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| start | Long | Timestamp (ms) when the precise protection rule takes effect. This parameter is returned only when time is true. |
+-----------------------+---------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| terminal | Long | Timestamp (ms) when the precise protection rule expires. This parameter is returned only when time is true. |
+-----------------------+---------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| action_mode | Boolean | This parameter is reserved and can be ignored currently. |
+-----------------------+---------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| aging_time | Integer | Rule aging time. This parameter is reserved and can be ignored currently. |
+-----------------------+---------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| producer | Integer | Rule creation object. This parameter is reserved and can be ignored currently. |
+-----------------------+---------------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
.. _listcustomrules__response_conditions:
.. table:: **Table 6** conditions
+-----------------------+-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Parameter | Type | Description |
+=======================+=======================+=================================================================================================================================================================================================+
| category | String | Field type. The options are **url**, **user-agent**, **ip**, **params**, **cookie**, **referer**, **header**, **request_line**, **method**, and **request**. |
+-----------------------+-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| index | String | Subfield |
| | | |
| | | - When the field type is **url**, **user-agent**, **ip**, **refer**, **request_line**, **method**, or **request**, **index** is not required. |
| | | |
| | | - When the field type is **params**, **header**, or **cookie**, and the subfield is customized, the value of **index** is the customized subfield. |
+-----------------------+-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| logic_operation | String | Logic for matching the condition. |
| | | |
| | | Enumeration values: |
| | | |
| | | - **contain** |
| | | |
| | | - **not_contain** |
| | | |
| | | - **equal** |
| | | |
| | | - **not_equal** |
| | | |
| | | - **prefix** |
| | | |
| | | - **not_prefix** |
| | | |
| | | - **suffix** |
| | | |
| | | - **not_suffix** |
| | | |
| | | - **contain_any** |
| | | |
| | | - **not_contain_all** |
| | | |
| | | - **equal_any** |
| | | |
| | | - **not_equal_all** |
| | | |
| | | - **prefix_any** |
| | | |
| | | - **not_prefix_all** |
| | | |
| | | - **suffix_any** |
| | | |
| | | - **not_suffix_all** |
| | | |
| | | - **len_greater** |
| | | |
| | | - **len_less** |
| | | |
| | | - **len_equal** |
| | | |
| | | - **num_greater** |
| | | |
| | | - **num_less** |
| | | |
| | | - **num_equal** |
| | | |
| | | - **num_not_equal** |
| | | |
| | | - **exist** |
| | | |
| | | - **not_exist** |
+-----------------------+-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| contents | Array of strings | Content of the conditions. |
+-----------------------+-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| value_list_id | String | Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is available only when a reference table is used when a protection rule is created. |
+-----------------------+-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
.. _listcustomrules__response_customaction:
.. table:: **Table 7** CustomAction
+-----------------------+-----------------------+----------------------------------------------------------------------------------------------------------------+
| Parameter | Type | Description |
+=======================+=======================+================================================================================================================+
| category | String | Operation type |
| | | |
| | | - **block**: WAF blocks attacks. |
| | | |
| | | - **pass**: WAF allows requests. |
| | | |
| | | - **log**: WAF only logs detected attacks. |
| | | |
| | | Enumeration values: |
| | | |
| | | - **block** |
| | | |
| | | - **pass** |
| | | |
| | | - **log** |
+-----------------------+-----------------------+----------------------------------------------------------------------------------------------------------------+
| followed_action_id | String | ID of a known attack source rule. This parameter can be configured only when **category** is set to **block**. |
+-----------------------+-----------------------+----------------------------------------------------------------------------------------------------------------+
**Status code: 400**
.. table:: **Table 8** Response body parameters
========== ====== =============
Parameter Type Description
========== ====== =============
error_code String Error code
error_msg String Error message
========== ====== =============
**Status code: 401**
.. table:: **Table 9** Response body parameters
========== ====== =============
Parameter Type Description
========== ====== =============
error_code String Error code
error_msg String Error message
========== ====== =============
**Status code: 500**
.. table:: **Table 10** Response body parameters
========== ====== =============
Parameter Type Description
========== ====== =============
error_code String Error code
error_msg String Error message
========== ====== =============
Example Requests
----------------
.. code-block:: text
GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/custom?
Example Responses
-----------------
**Status code: 200**
Request succeeded.
.. code-block::
{
"items" : [ {
"category" : "block",
"action_mode" : false,
"conditions" : [ {
"category" : "header",
"index" : "sdfsafsda",
"logic_operation" : "contain",
"content" : [ "demo" ]
} ],
"description" : "",
"id" : "2a3caa2bc9814c09ad73d02e3485b4a4",
"policyid" : "1f016cde588646aca3fb19f277c44d03",
"priority" : 50,
"status" : 1,
"time" : false,
"timestamp" : 1656495488880,
"aging_time" : 0,
"producer" : 1
} ],
"total" : 1
}
Status Codes
------------
=========== =============================================
Status Code Description
=========== =============================================
200 Request succeeded.
400 Request failed.
401 The token does not have required permissions.
500 Internal server error.
=========== =============================================
Error Codes
-----------
See :ref:`Error Codes `.