beautypg.com

Client-name exceed-action, Default monitor-interval – Brocade Communications Systems ServerIron ADX 12.4.00a User Manual

Page 42

background image

28

ServerIron ADX Security Guide

53-1002440-03

HTTP TRL policy commands

1

—specifies maximum number of connections client can setup.

Example

ServerIronADX(config-http-trl-p1)# client-name c1 max-conn 10

NOTE

You must set the client HTTP max-conn configuration before you configure the client exceed-action.

NOTE

Max-conn currently supports only HTTP/1.0.

Client-name exceed-action

Use the client-name exceed-action option in the http-trl-policy configuration mode to
set the action to take if a client exceeds the configured rate limit,.

Syntax: [no] client-name exceed-action [reset | drop]

[reset | drop] specifies client request be reset or dropped if exceeds limit.

Example

ServerIronADX(config-http-trl-p1)# client-name c1 exceed-action [reset]

Syntax: [no] client-name exceed-action redirect [port]

and —specifies client request to be redirected to this new URL, if limit is exceeded.

NOTE

Use an asterisk (*) to keep the same domain or url. This does not apply if the client is using HTTP 1.0.

ServerIronADX(config-http-trl-p1)# client-name c1 exceed-action redirect * /new

exceed.html http

NOTE

The same domain is used in the incoming packet.

The optional [port] specifies the new TCP port number for the redirected URL.

ServerIronADX(config-http-trl-p1)# client-name c1 exceed-action redirect

www.yahoo.com exceed.html http

Default monitor-interval

Use the default monitor-interval option in the http-trl-policy configuration mode to set default rate
limiting parameters.

Syntax: [no] default monitor-interval

—specifies monitoring window in 100 ms unit.

—specifies HTTP connection rate (per second) that causes a warning if
exceeded.

—specifies HTTP connection rate (per second) that causes a client to hold
down.