akyriako/web-application-firewall-dedicated
1
0
Fork 0
forked from docs/web-application-firewall-dedicated
Code Pull Requests Activity
web-application-firewall-de.../api-ref/source/apis/rule_management/querying_precise_protection_rules.rst
proposalbot 2020a02cbb Changes to wafd_api-ref from docs/doc-exports#471 (waf dedicated API 01 
waf ded

Reviewed-by: Belejkanic, Lukas <lukas.belejkanic@t-systems.com>
Co-authored-by: proposalbot <proposalbot@otc-service.com>
Co-committed-by: proposalbot <proposalbot@otc-service.com>
2022-12-08 11:52:42 +00:00

19 KiB
Raw Permalink Blame History

original_name

ListCustomRules.html

Querying Precise Protection Rules

Function

This API is used to query the list of precise protection rules.

URI

GET /v1/{project_id}/waf/policy/{policy_id}/custom

Table 1 Path Parameters
Parameter Mandatory Type Description
project_id Yes String Project ID
policy_id Yes String Policy ID. It can be obtained by calling the API Querying Protection Policies.
Table 2 Query Parameters
Parameter Mandatory Type Description
page No Integer

Page number.

Default: 1
pagesize No Integer

Number of records on each page. The maximum value is 100.

Default: 10

Request Parameters

Table 3 Request header parameters
Parameter Mandatory Type Description
X-Auth-Token Yes String auth token
Content-Type No String

Content type.

Default: application/json;charset=utf8

Response Parameters

Status code: 200

Table 4 Response body parameters
Parameter Type Description
total Integer Number of rules in the policy
items Array of objects Array of custom rules
Table 5 CustomRuleBody
Parameter Type Description
id String Rule ID.
policyid String Policy ID.
description String Rule description
status Integer

Rule status. The value can be 0 or 1.

  • 0: The rule is disabled.
  • 1: The rule is enabled.
conditions Array of conditions <listcustomrules__response_conditions> objects List of matching conditions. All conditions must be met.
action CustomAction <listcustomrules__response_customaction> object Protective action of the precise protection rule.
action_mode Boolean This parameter is reserved and can be ignored.
priority Integer Priority of a rule. A small value indicates a high priority. If two rules are assigned with the same priority, the rule added earlier has higher priority. Value range: 0 to 1000.
timestamp Long Timestamp when the precise protection rule is created.
start Long Timestamp (ms) when the precise protection rule takes effect. This parameter is returned only when time is true.
terminal Long Timestamp (ms) when the precise protection rule expires. This parameter is returned only when time is true.
Table 6 conditions
Parameter Type Description
category String Field type. The options are url, user-agent, ip, params, cookie, referer, header, request_line, method, and request.
index String

Subfield

  • When the field type is url, user-agent, ip, refer, request_line, method, or request, index is not required.
  • If the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.
logic_operation String Logic for matching the condition. The options are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix. For more details, see the console UI.
contents Array of strings Content of the conditions.
Table 7 CustomAction
Parameter Type Description
category String

Action type.

  • block: WAF blocks attacks.
  • pass: WAF allows requests.

Status code: 400

Table 8 Response body parameters
Parameter Type Description
error_code String Error code
error_msg String Error message

Status code: 401

Table 9 Response body parameters
Parameter Type Description
error_code String Error code
error_msg String Error message

Status code: 500

Table 10 Response body parameters
Parameter Type Description
error_code String Error code
error_msg String Error message

Example Requests

GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/custom?

Example Responses

Status code: 200

Request succeeded.

{
  "items" : [ {
    "category" : "block",
    "action_mode" : false,
    "conditions" : [ {
      "category" : "header",
      "index" : "sdfsafsda",
      "logic_operation" : "contain",
      "content" : [ "demo" ]
    } ],
    "description" : "",
    "id" : "2a3caa2bc9814c09ad73d02e3485b4a4",
    "policyid" : "1f016cde588646aca3fb19f277c44d03",
    "priority" : 50,
    "status" : 1,
    "time" : false,
    "timestamp" : 1656495488880
  } ],
  "total" : 1
}

Status Codes

Status Code Description
200 Request succeeded.
400 Request failed.
401 The token does not have required permissions.
500 Internal server error.

Error Codes

See Error Codes <errorcode>.