Forum Discussion
saidshow_251381
Cirrostratus
CirrostratusExporting a DDoS Profile
Hi, I have a DDoS profile in my Test environment which I want to export so I can import it into our Production Environment. Is this possible?
Recreating the DDoS profile in production is simple ...
cjunior
Nacreous
NacreousHi, maybe you first list the DDoS profile to a file (or simply take the screen output) then merge it in the production config, like this way:
On test environment bash:
tmsh list security dos profile myddos_profile_name > /var/tmp/merge.conf
cat /var/tmp/merge.conf
security dos profile myddos_profile_name {
app-service none
application {
myddos_profile_name {
captcha-response {
failure {
body "You have entered an invalid answer for the question. Please, try again.
%DOSL7.captcha.image% %DOSL7.captcha.change%
What code is in the image\?
%DOSL7.captcha.solution%
%DOSL7.captcha.submit%"
}
first {
body "This question is for testing whether you are a human visitor and to prevent automated spam submission.
%DOSL7.captcha.image% %DOSL7.captcha.change%
What code is in the image\?
%DOSL7.captcha.solution%
%DOSL7.captcha.submit%"
}
}
ip-whitelist {
107.162.0.0/21 { }
}
latency-based {
mode transparent
}
tps-based {
ip-minimum-tps 60
mode transparent
}
}
}
}
On production environment bash:
tmsh load sys config merge file /var/tmp/merge.conf verify
If no errors found, then:
tmsh load sys config merge file /var/tmp/merge.conf
If you need to include all default or non-changed properties, run:
tmsh list security dos profile myddos_profile_name all-properties > /var/tmp/merge.conf
I hope it helps.
Regards