a10_ddos_dst_zone_ip_proto_proto_name
Synopsis
DDOS IP protocol configuration
Parameters
Parameters |
Choices/Defaults |
Comment |
|
---|---|---|---|
state str/required |
[‘noop’, ‘present’, ‘absent’] |
State of the object to be created. |
|
ansible_host str/required |
Host for AXAPI authentication |
||
ansible_username str/required |
Username for AXAPI authentication |
||
ansible_password str/required |
Password for AXAPI authentication |
||
ansible_port int/required |
Port for AXAPI authentication |
||
a10_device_context_id int |
[‘1-8’] |
Device ID for aVCS configuration |
|
a10_partition str |
Destination/target partition for object/command |
||
zone_name str/required |
Key to identify parent object |
||
protocol str/required |
‘icmp-v4’= ip-proto icmp-v4; ‘icmp-v6’= ip-proto icmp-v6; ‘other’= ip-proto other; ‘gre’= ip-proto gre; ‘ipv4-encap’= ip-proto IPv4 Encapsulation; ‘ipv6-encap’= ip-proto IPv6 Encapsulation; |
||
manual_mode_enable bool |
Toggle manual mode to use fix templates |
||
deny bool |
Blacklist and Drop all incoming packets for ip-proto icmp-v4 |
||
glid_cfg dict |
Field glid_cfg |
||
glid str |
Global limit ID for the whole zone |
||
glid_action str |
‘drop’= Drop packets for glid exceed (Default); ‘ignore’= Do nothing for glid exceed; |
||
action_list str |
Configure action-list to take |
||
per_addr_glid str |
Global limit ID per address |
||
tunnel_decap bool |
Enable tunnel decapsulation |
||
key_cfg list |
Field key_cfg |
||
key str |
Only decapsulate GRE packet with this key (Hexadecimal 0x0-0xFFFFFFFF,decimal 0-4294967295) |
||
tunnel_rate_limit bool |
Enable DDOS-protection on tunnel traffic |
||
drop_frag_pkt bool |
Drop fragmented packets |
||
unlimited_dynamic_entry_count bool |
No limit for maximum dynamic src entry count |
||
max_dynamic_entry_count int |
Maximum count for dynamic source zone service entry |
||
apply_policy_on_overflow bool |
Enable this flag to apply overflow policy when dynamic entry count overflows |
||
enable_top_k bool |
Enable ddos top-k source IP detection |
||
topk_num_records int |
Maximum number of records to show in topk |
||
enable_top_k_destination bool |
Enable ddos top-k destination IP detection |
||
topk_dst_num_records int |
Maximum number of records to show in topk |
||
set_counter_base_val int |
Set T2 counter value of current context to specified value |
||
age int |
Idle age for ip entry |
||
enable_class_list_overflow bool |
Apply class-list overflow policy upon exceeding dynamic entry count specified for zone-port or class-list |
||
faster_de_escalation bool |
De-escalate faster in standalone mode |
||
ip_filtering_policy str |
Configure IP Filter |
||
uuid str |
uuid of the object |
||
ip_filtering_policy_oper dict |
Field ip_filtering_policy_oper |
||
uuid str |
uuid of the object |
||
level_list list |
Field level_list |
||
level_num str |
‘0’= Default policy level; ‘1’= Policy level 1; ‘2’= Policy level 2; ‘3’= Policy level 3; ‘4’= Policy level 4; |
||
src_default_glid str |
Global limit ID |
||
glid_action str |
‘drop’= Drop packets for glid exceed (Default); ‘blacklist-src’= Blacklist-src for glid exceed; ‘ignore’= Do nothing for glid exceed; |
||
zone_escalation_score int |
Zone activation score of this level |
||
zone_violation_actions str |
Violation actions apply due to zone escalate from this level |
||
src_escalation_score int |
Source activation score of this level |
||
src_violation_actions str |
Violation actions apply due to source escalate from this level |
||
zone_template dict |
Field zone_template |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
indicator_list list |
Field indicator_list |
||
manual_mode_list list |
Field manual_mode_list |
||
config str |
‘configuration’= Manual-mode configuration; |
||
src_default_glid str |
Global limit ID |
||
glid_action str |
‘drop’= Drop packets for glid exceed (Default); ‘blacklist-src’= Blacklist-src for glid exceed; ‘ignore’= Do nothing for glid exceed; |
||
zone_template dict |
Field zone_template |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
src_based_policy_list list |
Field src_based_policy_list |
||
src_based_policy_name str |
Specify name of the policy |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
policy_class_list_list list |
Field policy_class_list_list |
||
dynamic_entry_overflow_policy_list list |
Field dynamic_entry_overflow_policy_list |
||
dummy_name str |
‘configuration’= Configure overflow policy; |
||
glid str |
Global limit ID |
||
action str |
‘bypass’= Always permit for the Source to bypass all feature & limit checks; ‘deny’= Blacklist incoming packets for service; |
||
zone_template dict |
Field zone_template |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
port_ind dict |
Field port_ind |
||
uuid str |
uuid of the object |
||
sampling_enable list |
Field sampling_enable |
||
topk_sources dict |
Field topk_sources |
||
uuid str |
uuid of the object |
||
progression_tracking dict |
Field progression_tracking |
||
uuid str |
uuid of the object |
||
topk_destinations dict |
Field topk_destinations |
||
uuid str |
uuid of the object |
||
oper dict |
Field oper |
||
ddos_entry_list list |
Field ddos_entry_list |
||
entry_displayed_count int |
Field entry_displayed_count |
||
service_displayed_count int |
Field service_displayed_count |
||
reporting_status int |
Field reporting_status |
||
sources bool |
Field sources |
||
overflow_policy bool |
Field overflow_policy |
||
sources_all_entries bool |
Field sources_all_entries |
||
class_list str |
Field class_list |
||
subnet_ip_addr str |
Field subnet_ip_addr |
||
subnet_ipv6_addr str |
Field subnet_ipv6_addr |
||
ipv6 str |
Field ipv6 |
||
exceeded bool |
Field exceeded |
||
black_listed bool |
Field black_listed |
||
white_listed bool |
Field white_listed |
||
authenticated bool |
Field authenticated |
||
level bool |
Field level |
||
app_stat bool |
Field app_stat |
||
indicators bool |
Field indicators |
||
indicator_detail bool |
Field indicator_detail |
||
hw_blacklisted bool |
Field hw_blacklisted |
||
suffix_request_rate bool |
Field suffix_request_rate |
||
domain_name str |
Field domain_name |
||
protocol str |
‘icmp-v4’= ip-proto icmp-v4; ‘icmp-v6’= ip-proto icmp-v6; ‘other’= ip-proto other; ‘gre’= ip-proto gre; ‘ipv4-encap’= ip-proto IPv4 Encapsulation; ‘ipv6-encap’= ip-proto IPv6 Encapsulation; |
||
ip_filtering_policy_oper dict |
Field ip_filtering_policy_oper |
||
port_ind dict |
Field port_ind |
||
topk_sources dict |
Field topk_sources |
||
progression_tracking dict |
Field progression_tracking |
||
topk_destinations dict |
Field topk_destinations |
Examples
Return Values
- modified_values (changed, dict, )
Values modified (or potential changes if using check_mode) as a result of task operation
- axapi_calls (always, list, )
Sequential list of AXAPI calls made by the task
- endpoint (, str, [‘/axapi/v3/slb/virtual_server’, ‘/axapi/v3/file/ssl-cert’])
The AXAPI endpoint being accessed.
- http_method (, str, [‘POST’, ‘GET’])
HTTP method being used by the primary task to interact with the AXAPI endpoint.
- request_body (, complex, )
Params used to query the AXAPI
- response_body (, complex, )
Response from the AXAPI
Status
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by community.