Suggest block client rule.

POST

/api/config/namespaces/{namespace}/cdn_loadbalancers/{name}/block_client/suggestion

curl --request POST \
  --url https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/config/namespaces/example/cdn_loadbalancers/example/block_client/suggestion \
  --header 'Authorization: <Authorization>' \
  --header 'Content-Type: application/json' \
  --data '{ "as_description": "example", "as_number": 1, "ip_prefix": "example", "name": "example", "namespace": "example", "user_id": "example" }'

• F5 Distributed Cloud Console

Suggest blocking SimpleClientSrcRule for a given IP/ASN.

Examples of this operation.

Authorizations

• ApiToken

Parameters

Path Parameters

namespace

required

string

Namespace Namespace of the App type for current request.

name

required

string

Name HTTP load balancer for which this WAF exclusion will be applied.

Request Body^required

Media typeapplication/json

GetSuggestedBlockClientRuleReq

GET suggested blocking SimpleClientSrcRule for a given IP/ASN.

object

as_description

Description

AS description.

string

<= 256 characters

as_number

as number

RFC 6793 defined 4-byte AS number Required: YES.

integer format: int64

ip_prefix

ip prefix

IP prefix string. Required: YES.

string

<= 1024 characters

name

Name

HTTP load balancer for which this WAF exclusion will be applied.

string

>= 6 characters <= 1024 characters

namespace

Namespace

Namespace of the App type for current request.

string

>= 6 characters <= 1024 characters

user_id

user id

User ID of blocked client.

string

<= 256 characters

Example^generated

{
  "as_description": "example",
  "as_number": 1,
  "ip_prefix": "example",
  "name": "example",
  "namespace": "example",
  "user_id": "example"
}

Responses

200

A successful response.

Media typeapplication/json

GetSuggestedBlockClientRuleRsp

GET suggested blocking SimpleClientSrcRule for a given IP/ASN.

object

found_existing_rule

object

name

Name

HTTP load balancer for which this WAF exclusion will be applied.

string

>= 6 characters <= 1024 characters

rule

object

actions

actions

Actions that should be taken when client identifier matches the rule.

Array<string>

<= 10 items

Allowed values: SKIP_PROCESSING_WAF SKIP_PROCESSING_BOT SKIP_PROCESSING_MUM SKIP_PROCESSING_IP_REPUTATION SKIP_PROCESSING_API_PROTECTION SKIP_PROCESSING_OAS_VALIDATION SKIP_PROCESSING_DDOS_PROTECTION SKIP_PROCESSING_THREAT_MESH SKIP_PROCESSING_MALWARE_PROTECTION

as_number

as number

Exclusive with [http_header ip_prefix ipv6_prefix user_identifier] RFC 6793 defined 4-byte AS number.

integer format: int64

bot_skip_processing

object

expiration_timestamp

expiration timestamp

The expiration_timestamp is the RFC 3339 format timestamp at which the containing rule is considered to be logically expired. The rule continues to exist in the configuration but is not applied anymore.

string format: date-time

<= 1024 characters

http_header

object

headers

headers

List of HTTP header name and value pairs

Required: YES.

Array<object>

<= 16 items

HeaderMatcherType

Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header

Header Match can also be inverse of above, which be used to check missing header or non-matching value.

object

exact

exact

Exclusive with [presence regex] Header value to match exactly.

string

<= 256 characters

invert_match

invert_match

Invert the result of the match to detect missing header or non-matching value.

boolean format: boolean

name

name

Name of the header Required: YES.

string

>= 1 characters <= 256 characters

presence

presence

Exclusive with [exact regex] If true, check for presence of header.

boolean format: boolean

regex

regex

Exclusive with [exact presence] Regex match of the header value in re2 format.

string

<= 256 characters

ip_prefix

ip prefix

Exclusive with [as_number http_header ipv6_prefix user_identifier] IPv4 prefix string.

string

<= 1024 characters

ipv6_prefix

ipv6 prefix

Exclusive with [as_number http_header ip_prefix user_identifier] IPv6 prefix string.

string

<= 1024 characters

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

skip_processing

object

user_identifier

user identifier

Exclusive with [as_number http_header ip_prefix ipv6_prefix] Identify user based on user identifier. User identifier value needs to be copied from security event.

string

<= 256 characters

waf_skip_processing

object

Example

{
  "rule": {
    "actions": [
      "SKIP_PROCESSING_WAF"
    ]
  }
}

401

Returned when operation is not authorized.

Media typeapplication/json

string format: string

Example^generated

example

403

Returned when there is no permission to access resource.

Media typeapplication/json

string format: string

Example^generated

example

404

Returned when resource is not found.

Media typeapplication/json

string format: string

Example^generated

example

409

Returned when operation on resource is conflicting with current value.

Media typeapplication/json

string format: string

Example^generated

example

429

Returned when operation has been rejected as it is happening too frequently.

Media typeapplication/json

string format: string

Example^generated

example

500

Returned when server encountered an error in processing API.

Media typeapplication/json

string format: string

Example^generated

example

503

Returned when service is unavailable temporarily.

Media typeapplication/json

string format: string

Example^generated

example

504

Returned when server timed out processing request.

Media typeapplication/json

string format: string

Example^generated

example