akyriako/web-application-firewall-dedicated
1
0
Fork 0
forked from docs/web-application-firewall-dedicated
Code Pull Requests Activity
web-application-firewall-de.../api-ref/source/apis/rule_management/querying_precise_protection_rules.rst
proposalbot 4ec0aee404 Changes to wafd_api-ref from docs/doc-exports#588 (WAFD API 20230202 version 
Cr

Reviewed-by: Belejkanic, Lukas <lukas.belejkanic@t-systems.com>
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: proposalbot <proposalbot@otc-service.com>
Co-committed-by: proposalbot <proposalbot@otc-service.com>
2023-04-20 07:37:21 +00:00

36 KiB
Raw Blame History

original_name

ListCustomRules.html

Querying Precise Protection Rules

Function

This API is used to query the list of precise protection rules.

URI

GET /v1/{project_id}/waf/policy/{policy_id}/custom

Table 1 Path Parameters
Parameter Mandatory Type Description
project_id Yes String Project ID
policy_id Yes String Policy ID. It can be obtained by calling the ListPolicy API.
Table 2 Query Parameters
Parameter Mandatory Type Description
page No Integer

Page number.

Default: 1
pagesize No Integer Number of records on each page. The maximum value is 2147483647.

Request Parameters

Table 3 Request header parameters
Parameter Mandatory Type Description
X-Auth-Token Yes String auth token
Content-Type No String

Content type.

Default: application/json;charset=utf8

Response Parameters

Status code: 200

Table 4 Response body parameters
Parameter Type Description
total Integer Number of rules in the policy
items Array of CustomRuleBody <listcustomrules__response_customrulebody> objects Array of custom rules
Table 5 CustomRuleBody
Parameter Type Description
id String Rule ID.
policyid String Policy ID.
description String Rule description.
status Integer

Rule status. The value can be 0 or 1.

  • 0: The rule is disabled.
  • 1: The rule is enabled.
conditions Array of conditions <listcustomrules__response_conditions> objects List of matching conditions. All conditions must be met.
action CustomAction <listcustomrules__response_customaction> object Protective action of the precise protection rule.
priority Integer Priority of a rule. A small value indicates a high priority. If two rules are assigned with the same priority, the rule added earlier has higher priority. Value range: 0 to 1000.
timestamp Long Timestamp when the precise protection rule is created.
start Long Timestamp (ms) when the precise protection rule takes effect. This parameter is returned only when time is true.
terminal Long Timestamp (ms) when the precise protection rule expires. This parameter is returned only when time is true.
action_mode Boolean This parameter is reserved and can be ignored currently.
aging_time Integer Rule aging time. This parameter is reserved and can be ignored currently.
producer Integer Rule creation object. This parameter is reserved and can be ignored currently.
Table 6 conditions
Parameter Type Description
category String Field type. The options are url, user-agent, ip, params, cookie, referer, header, request_line, method, and request.
index String

Subfield

  • When the field type is url, user-agent, ip, refer, request_line, method, or request, index is not required.
  • When the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.
logic_operation String

Logic for matching the condition.

Enumeration values:

  • contain
  • not_contain
  • equal
  • not_equal
  • prefix
  • not_prefix
  • suffix
  • not_suffix
  • contain_any
  • not_contain_all
  • equal_any
  • not_equal_all
  • prefix_any
  • not_prefix_all
  • suffix_any
  • not_suffix_all
  • len_greater
  • len_less
  • len_equal
  • num_greater
  • num_less
  • num_equal
  • num_not_equal
  • exist
  • not_exist
contents Array of strings Content of the conditions.
value_list_id String Reference table ID. It can be obtained by calling the API Querying the Reference Table List. This parameter is available only when a reference table is used when a protection rule is created.
Table 7 CustomAction
Parameter Type Description
category String

Operation type

  • block: WAF blocks attacks.
  • pass: WAF allows requests.
  • log: WAF only logs detected attacks.

Enumeration values:

  • block
  • pass
  • log
followed_action_id String ID of a known attack source rule. This parameter can be configured only when category is set to block.

Status code: 400

Table 8 Response body parameters
Parameter Type Description
error_code String Error code
error_msg String Error message

Status code: 401

Table 9 Response body parameters
Parameter Type Description
error_code String Error code
error_msg String Error message

Status code: 500

Table 10 Response body parameters
Parameter Type Description
error_code String Error code
error_msg String Error message

Example Requests

GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/custom?

Example Responses

Status code: 200

Request succeeded.

{
  "items" : [ {
    "category" : "block",
    "action_mode" : false,
    "conditions" : [ {
      "category" : "header",
      "index" : "sdfsafsda",
      "logic_operation" : "contain",
      "content" : [ "demo" ]
    } ],
    "description" : "",
    "id" : "2a3caa2bc9814c09ad73d02e3485b4a4",
    "policyid" : "1f016cde588646aca3fb19f277c44d03",
    "priority" : 50,
    "status" : 1,
    "time" : false,
    "timestamp" : 1656495488880,
    "aging_time" : 0,
    "producer" : 1
  } ],
  "total" : 1
}

Status Codes

Status Code Description
200 Request succeeded.
400 Request failed.
401 The token does not have required permissions.
500 Internal server error.

Error Codes

See Error Codes <errorcode>.