Forum Discussion
saidshow_251381
Cirrostratus
CirrostratusExporting a DDoS Profile
Hi, I have a DDoS profile in my Test environment which I want to export so I can import it into our Production Environment. Is this possible?
Recreating the DDoS profile in production is simple enough however we have a third party manage our Production Systems so it would be easier to have them import my policy. Thank you in advance as always.
Regards
cjuniorNacreous
Hi, maybe you first list the DDoS profile to a file (or simply take the screen output) then merge it in the production config, like this way:
On test environment bash:
tmsh list security dos profile myddos_profile_name > /var/tmp/merge.confcat /var/tmp/merge.conf security dos profile myddos_profile_name { app-service none application { myddos_profile_name { captcha-response { failure { body "You have entered an invalid answer for the question. Please, try again. %DOSL7.captcha.image% %DOSL7.captcha.change% What code is in the image\? %DOSL7.captcha.solution% %DOSL7.captcha.submit%" } first { body "This question is for testing whether you are a human visitor and to prevent automated spam submission. %DOSL7.captcha.image% %DOSL7.captcha.change% What code is in the image\? %DOSL7.captcha.solution% %DOSL7.captcha.submit%" } } ip-whitelist { 107.162.0.0/21 { } } latency-based { mode transparent } tps-based { ip-minimum-tps 60 mode transparent } } } }On production environment bash:
tmsh load sys config merge file /var/tmp/merge.conf verifyIf no errors found, then:
tmsh load sys config merge file /var/tmp/merge.confIf you need to include all default or non-changed properties, run:
tmsh list security dos profile myddos_profile_name all-properties > /var/tmp/merge.confI hope it helps.
Regards