Li, Qiao 901ea67b42 waf dedicated API 01

Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: Li, Qiao <qiaoli@huawei.com>
Co-committed-by: Li, Qiao <qiaoli@huawei.com>

2022-12-08 14:03:35 +00:00

29 KiB

Raw Blame History

Creating a Precise Protection Rule

Function

This API is used to create a precise protection rule.

URI

POST /v1/{project_id}/waf/policy/{policy_id}/custom

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID
policy_id	Yes	String	Policy ID. It can be obtained by calling the API Querying Protection Policies.

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	auth token
Content-Type	Yes	String	Content type. Default: application/json;charset=utf8

**Table 3** Request body parameters
Parameter	Mandatory	Type	Description
time	No	Boolean	Time the precise protection rule takes effect. false: The rule takes effect immediately. true: The effective time is customized.
start	No	Long	Timestamp (ms) when the precise protection rule takes effect. This parameter is returned only when time is true.
terminal	No	Long	Timestamp (ms) when the precise protection rule expires. This parameter is returned only when time is true.
description	No	String	Rule description
conditions	No	Array of CustomConditions objects	Match condition List
action	No	CustomAction object	Protective action of the precise protection rule.
priority	No	Integer	Priority of a rule. A small value indicates a high priority. If two rules are assigned with the same priority, the rule added earlier has higher priority. Value range: 0 to 1000.

**Table 4** CustomConditions
Parameter	Mandatory	Type	Description
category	No	String	Field type. The options are url, user-agent, ip, params, cookie, referer, header, request_line, method, and request.
index	No	String	Subfield When the field type is url, user-agent, ip, refer, request_line, method, or request, index is not required. If the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.
logic_operation	No	String	Logic for matching the condition. The options are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix. For more details, see the console UI.
contents	No	Array of strings	Condition content for matching the rule
value_list_id	No	String	ID of the reference table

**Table 5** CustomAction
Parameter	Mandatory	Type	Description
category	No	String	Action type. block: WAF blocks attacks. pass: WAF allows requests.

Response Parameters

Status code: 200

**Table 6** Response body parameters
Parameter	Type	Description
id	String	Rule ID.
policyid	String	Policy ID.
description	String	Rule description
status	Integer	Rule status. The value can be 0 or 1. 0: The rule is disabled. 1: The rule is enabled.
conditions	Array of conditions objects	List of matching conditions. All conditions must be met.
action	CustomAction object	Protective action of the precise protection rule.
action_mode	Boolean	This parameter is reserved and can be ignored.
priority	Integer	Priority of a rule. A small value indicates a high priority. If two rules are assigned with the same priority, the rule added earlier has higher priority. Value range: 0 to 1000.
timestamp	Long	Timestamp when the precise protection rule is created.
start	Long	Timestamp (ms) when the precise protection rule takes effect. This parameter is returned only when time is true.
terminal	Long	Timestamp (ms) when the precise protection rule expires. This parameter is returned only when time is true.

**Table 7** conditions
Parameter	Type	Description
category	String	Field type. The options are url, user-agent, ip, params, cookie, referer, header, request_line, method, and request.
index	String	Subfield When the field type is url, user-agent, ip, refer, request_line, method, or request, index is not required. If the field type is params, header, or cookie, and the subfield is customized, the value of index is the customized subfield.
logic_operation	String	Logic for matching the condition. The options are contain, not_contain, equal, not_equal, prefix, not_prefix, suffix, and not_suffix. For more details, see the console UI.
contents	Array of strings	Content of the conditions.

**Table 8** CustomAction
Parameter	Type	Description
category	String	Action type. block: WAF blocks attacks. pass: WAF allows requests.

Status code: 400

**Table 9** Response body parameters
Parameter	Type	Description
error_code	String	Error code
error_msg	String	Error message

Status code: 401

**Table 10** Response body parameters
Parameter	Type	Description
error_code	String	Error code
error_msg	String	Error message

Status code: 500

**Table 11** Response body parameters
Parameter	Type	Description
error_code	String	Error code
error_msg	String	Error message

Example Requests

POST https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/custom?enterprise_project_id=0

{
    "description": "",
    "action": {
        "category": "block"
    },
    "priority": 50,
    "conditions": [
        {
            "category": "header",
            "logic_operation": "contain",
            "index": "demo"
            "content" ["demo"]
        }
    ],
    "time": false
}

Example Responses

Status code: 200

Request succeeded.

{
  "items" : [ {
    "action" : {
      "category" : "block"
    },
    "action_mode" : false,
    "aging_time" : 0,
    "conditions" : [ {
      "category" : "header",
      "index" : "demo",
      "logic_operation" : "contain",
      "content" : [ "demo" ]
    } ],
    "description" : "",
    "id" : "2a3caa2bc9814c09ad73d02e3485b4a4",
    "policyid" : "1f016cde588646aca3fb19f277c44d03",
    "priority" : 50,
    "status" : 1,
    "time" : false,
    "timestamp" : 1656495488880
  } ]
}

Status Codes

Status Code	Description
200	Request succeeded.
400	Request failed.
401	The token does not have required permissions.
500	Internal server error.

Error Codes

See Error Codes.

Parent topic: Rule Management

29 KiB Raw Blame History