ServerIron ADX Security Guide 29
53-1002440-03
HTTP TRL policy commands 1
<holddown-interval>—specifies the length of hold down period, if client exceeds rate limit in
term of minutes.
NOTE
Value 0 means do not hold down. Hold down holds all traffic.
Example
ServerIronADX(config-http-trl-p1)# default monitor-interval 1 10 20 0
Default max-conn
Use the default max-conn option in the http-trl-policy configuration mode to set default maximum
connection parameters.
Syntax: [no] default max-conn <max-conn-value>
<max-conn-value>—specifies maximum number of connections client can setup.
Example
ServerIronADX(config-http-trl-p1)# default max-conn 10
NOTE
Max-conn currently supports only HTTP/1.0.
Default exceed-action
Use the default exceed-action option in the http-trl-policy configuration mode to set the action to
take if a default exceeds the configured rate limit.
Syntax: [no] default exceed-action [reset | drop]
[reset | drop] specifies default request be reset or dropped if the limit is exceeded.
Example
ServerIronADX(config-http-trl-p1)# default exceed-action [reset | drop]
Syntax: [no] default exceed-action redirect <domain> <url> [port]
<domain> and <url>—specifies client request to be redirected to this new URL, if limit is exceeded.
NOTE
Use an asterisk (*) to keep the same domain or url.
ServerIronADX(config-http-trl-p1)# default exceed-action redirect *
/new/exceed.html http
NOTE
The same domain is used in the incoming packet.
The optional [port] specifies the new TCP port number for the redirected URL.
ServerIronADX(config-http-trl-p1)# default exceed-action redirect www.yahoo.com
/exceed.html http