F5 - Advanced Configuration: Internal Parameters

Aus Laub-Home.de Wiki
Zur Navigation springen Zur Suche springen

Unter Application Security -> Options -> Advanced Configuration können die ASM internen Parameter angepasst werden.

Internal Parameter Default Value Description
ecard_max_http_req_uri_len 2048 bytes Defines a maximum URI length that the Protocol Security Module can support in its internal buffers. If this number is higher than the URI length defined per file type, then this number is the limit. If this number is higher than the file type limit, then the file type limit sets the maximum URI length.
long_request_buffer_size 10000000 bytes Specifies the long request length supported by the Protocol Security Module.
MaxFtpSessions 5000 sessions Specifies the maximum number of concurrent FTP connections that the Protocol Security Module can manage.
MaxJobs 15000 sessions Specifies the maximum number of concurrent sessions that the Protocol Security Module can handle.
MaxSmtpSessions 3000 sessions Specifies the maximum number of concurrent SMTP connections that the Protocol Security Module can manage.
MaxViolationEntries 500 entries Specifies the maximum number of violation entries per violation type kept in memory. Note that this parameter applies only to the protocol security profiles.
max_concurrent_long_request 100 requests Specifies the maximum number of concurrent long requests that the Protocol Security Module can handle. A long request is a request longer than request_buffer_size and less than long_request_buffer_size.
max_filtered_html_length 52428800 bytes Defines the maximum size of responses retained by the system.
OverviewEnabled 1 (Boolean value) Specifies, when set to 1, that data collection is enabled for both the graphs on the Overview screen and also for the Denial of Service attack prevention feature.

When set to 0, data collection is disabled.

ProtocolIndication -1 Specifies how the system distinguishes between HTTP and HTTPS URLs.

If the value is -1, the system decides whether the URL requested is an HTTP request or an HTTPS request based on the incoming traffic. If the value is 0, the system treats all incoming URL requests as HTTP requests. If the value is 1, the system treats all incoming URL requests as HTTPS requests.

request_buffer_size 10000 bytes Specifies the common request length supported by the Protocol Security Module.
ResponseBufferSize 131072 bytes Specifies the maximum buffer size for a single instance of the accumulated response buffers. The system accumulates response buffers until their total size reaches the max_filtered_html_length.
RWLightThreads 0 (number of CPUs determines the number of threads) Specifies, when the value is greater than zero, the number of threads that the Protocol Security Module uses. When the value is 0, the number of CPUs in the system determines the number of threads.
total_umu_max_size 1572864 kilobytes Specifies the maximum memory size (in kilobytes) available for the Protocol Security Modules memory pools.


Quelle: http://support.f5.com/kb/en-us/products/big-ip_psm/manuals/product/psm_config_guide_10_2/psm_params.html#1018397