a10_ddos_dst_entry
Synopsis
Configure IP/IPv6 static entry
Parameters
Parameters |
Choices/Defaults |
Comment |
|
---|---|---|---|
state str/required |
[‘noop’, ‘present’, ‘absent’] |
State of the object to be created. |
|
ansible_host str/required |
Host for AXAPI authentication |
||
ansible_username str/required |
Username for AXAPI authentication |
||
ansible_password str/required |
Password for AXAPI authentication |
||
ansible_port int/required |
Port for AXAPI authentication |
||
a10_device_context_id int |
[‘1-8’] |
Device ID for aVCS configuration |
|
a10_partition str |
Destination/target partition for object/command |
||
dst_entry_name str/required |
Field dst_entry_name |
||
ipv6_addr str |
Field ipv6_addr |
||
ip_addr str |
Field ip_addr |
||
subnet_ip_addr str |
IP Subnet |
||
subnet_ipv6_addr str |
IPV6 Subnet |
||
description str |
Description for this Destination Entry |
||
exceed_log_dep_cfg dict |
Field exceed_log_dep_cfg |
||
exceed_log_enable bool |
(Deprecated)Enable logging of limit exceed drop’s |
||
log_with_sflow_dep bool |
Turn on sflow sample with log |
||
exceed_log_cfg dict |
Field exceed_log_cfg |
||
log_enable bool |
Enable logging of limit exceed drop’s |
||
log_with_sflow bool |
Turn on sflow sample with log |
||
log_high_frequency bool |
Enable High frequency logging for non-event logs per entry |
||
rate_limit int |
Rate limit per second per entry(Default = 1 per second) |
||
log_periodic bool |
Enable periodic log while event is continuing |
||
drop_frag_pkt bool |
Drop fragmented packets |
||
sflow dict |
Field sflow |
||
polling dict |
Field polling |
||
collector list |
Field collector |
||
drop_on_no_src_dst_default bool |
Drop if no match with src-based-policy class-list, and default is not configured |
||
blackhole_on_glid_exceed int |
Blackhole destination entry for X minutes upon glid limit exceeded |
||
source_nat_pool str |
Configure source NAT |
||
dest_nat_ip str |
Destination NAT IP address |
||
dest_nat_ipv6 str |
Destination NAT IPv6 address |
||
drop_disable bool |
Disable certain drops during packet processing |
||
drop_disable_fwd_immediate bool |
Immediately forward L4 drops |
||
template dict |
Field template |
||
logging str |
DDOS logging template |
||
operational_mode str |
‘protection’= Protection mode; ‘bypass’= Bypass mode; |
||
reporting_disabled bool |
Disable Reporting |
||
glid str |
Global limit ID |
||
glid_exceed_action dict |
Field glid_exceed_action |
||
stateless_encap_action_cfg dict |
Field stateless_encap_action_cfg |
||
advertised_enable bool |
BGP advertised |
||
set_counter_base_val int |
Set T2 counter value of current context to specified value |
||
inbound_forward_dscp int |
To set dscp value for inbound packets (DSCP Value for the clear traffic marking) |
||
outbound_forward_dscp int |
To set dscp value for outbound |
||
pattern_recognition_sensitivity str |
‘high’= High sensitive pattern recognition; ‘medium’= Medium sensitive pattern recognition; ‘low’= Low sensitive pattern recognition; |
||
pattern_recognition_hw_filter_enable bool |
to enable pattern recognition hardware filter |
||
enable_top_k list |
Field enable_top_k |
||
topk_type str |
‘destination’= Topk destination IP; |
||
topk_num_records int |
Maximum number of records to show in topk |
||
traffic_distribution_mode str |
‘default’= Distribute traffic to one slot using default distribution mechanism; ‘source-ip-based’= Distribute traffic between slots, based on source ip; |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
sampling_enable list |
Field sampling_enable |
||
counters1 str |
‘all’= all; ‘dst_tcp_any_exceed’= TCP Dst L4-Type Rate= Total Exceeded; ‘dst_tcp_pkt_rate_exceed’= TCP Dst L4-Type Rate= Packet Exceeded; ‘dst_tcp_conn_rate_exceed’= TCP Dst L4-Type Rate= Conn Exceeded; ‘dst_udp_any_exceed’= UDP Dst L4-Type Rate= Total Exceeded; ‘dst_udp_pkt_rate_exceed’= UDP Dst L4-Type Rate= Packet Exceeded; ‘dst_udp_conn_limit_exceed’= UDP Dst L4-Type Limit= Conn Exceeded; ‘dst_udp_conn_rate_exceed’= UDP Dst L4-Type Rate= Conn Exceeded; ‘dst_icmp_pkt_rate_exceed’= ICMP Dst Rate= Packet Exceeded; ‘dst_other_pkt_rate_exceed’= OTHER Dst L4-Type Rate= Packet Exceeded; ‘dst_other_frag_pkt_rate_exceed’= OTHER Dst L4-Type Rate= Frag Exceeded; ‘dst_port_pkt_rate_exceed’= Port Rate= Packet Exceeded; ‘dst_port_conn_limit_exceed’= Port Limit= Conn Exceeded; ‘dst_port_conn_rate_exceed’= Port Rate= Conn Exceeded; ‘dst_pkt_sent’= Inbound= Packets Forwarded; ‘dst_udp_pkt_sent’= UDP Total Packets Forwarded; ‘dst_tcp_pkt_sent’= TCP Total Packets Forwarded; ‘dst_icmp_pkt_sent’= ICMP Total Packets Forwarded; ‘dst_other_pkt_sent’= OTHER Total Packets Forwarded; ‘dst_tcp_conn_limit_exceed’= TCP Dst L4-Type Limit= Conn Exceeded; ‘dst_tcp_pkt_rcvd’= TCP Total Packets Received; ‘dst_udp_pkt_rcvd’= UDP Total Packets Received; ‘dst_icmp_pkt_rcvd’= ICMP Total Packets Received; ‘dst_other_pkt_rcvd’= OTHER Total Packets Received; ‘dst_udp_filter_match’= UDP Filter Match; ‘dst_udp_filter_not_match’= UDP Filter Not Matched on Pkt; ‘dst_udp_filter_action_blacklist’= UDP Filter Action Blacklist; ‘dst_udp_filter_action_drop’= UDP Filter Action Drop; ‘dst_tcp_syn’= TCP Total SYN Received; ‘dst_tcp_syn_drop’= TCP SYN Packets Dropped; ‘dst_tcp_src_rate_drop’= TCP Src Rate= Total Exceeded; ‘dst_udp_src_rate_drop’= UDP Src Rate= Total Exceeded; ‘dst_icmp_src_rate_drop’= ICMP Src Rate= Total Exceeded; ‘dst_other_frag_src_rate_drop’= OTHER Src Rate= Frag Exceeded; ‘dst_other_src_rate_drop’= OTHER Src Rate= Total Exceeded; ‘dst_tcp_drop’= TCP Total Packets Dropped; ‘dst_udp_drop’= UDP Total Packets Dropped; ‘dst_icmp_drop’= ICMP Total Packets Dropped; ‘dst_frag_drop’= Fragmented Packets Dropped; ‘dst_other_drop’= OTHER Total Packets Dropped; ‘dst_tcp_auth’= TCP Auth= SYN Cookie Sent; ‘dst_udp_filter_action_default_pass’= UDP Filter Action Default Pass; ‘dst_tcp_filter_match’= TCP Filter Match; ‘dst_tcp_filter_not_match’= TCP Filter Not Matched on Pkt; ‘dst_tcp_filter_action_blacklist’= TCP Filter Action Blacklist; ‘dst_tcp_filter_action_drop’= TCP Filter Action Drop; ‘dst_tcp_filter_action_default_pass’= TCP Filter Action Default Pass; ‘dst_udp_filter_action_whitelist’= UDP Filter Action WL; ‘dst_over_limit_on’= DST overlimit Trigger ON; ‘dst_over_limit_off’= DST overlimit Trigger OFF; ‘dst_port_over_limit_on’= DST port overlimit Trigger ON; ‘dst_port_over_limit_off’= DST port overlimit Trigger OFF; ‘dst_over_limit_action’= DST overlimit action; ‘dst_port_over_limit_action’= DST port overlimit action; ‘scanning_detected_drop’= Scanning Detected drop (deprecated); ‘scanning_detected_blacklist’= Scanning Detected blacklist (deprecated); ‘dst_udp_kibit_rate_drop’= UDP Dst L4-Type Rate= KiBit Exceeded; ‘dst_tcp_kibit_rate_drop’= TCP Dst L4-Type Rate= KiBit Exceeded; ‘dst_icmp_kibit_rate_drop’= ICMP Dst Rate= KiBit Exceeded; ‘dst_other_kibit_rate_drop’= OTHER Dst L4-Type Rate= KiBit Exceeded; ‘dst_port_undef_drop’= Dst Port Undefined Dropped; ‘dst_port_bl’= Dst Port Blacklist Packets Dropped; ‘dst_src_port_bl’= Dst SrcPort Blacklist Packets Dropped; ‘dst_port_kbit_rate_exceed’= Port Rate= KiBit Exceeded; ‘dst_tcp_src_drop’= TCP Src Packets Dropped; ‘dst_udp_src_drop’= UDP Src Packets Dropped; ‘dst_icmp_src_drop’= ICMP Src Packets Dropped; ‘dst_other_src_drop’= OTHER Src Packets Dropped; ‘tcp_syn_rcvd’= TCP Inbound SYN Received; ‘tcp_syn_ack_rcvd’= TCP SYN ACK Received; ‘tcp_ack_rcvd’= TCP ACK Received; ‘tcp_fin_rcvd’= TCP FIN Received; ‘tcp_rst_rcvd’= TCP RST Received; ‘ingress_bytes’= Inbound= Bytes Received; ‘egress_bytes’= Outbound= Bytes Received; ‘ingress_packets’= Inbound= Packets Received; ‘egress_packets’= Outbound= Packets Received; ‘tcp_fwd_recv’= TCP Inbound Packets Received; ‘udp_fwd_recv’= UDP Inbound Packets Received; ‘icmp_fwd_recv’= ICMP Inbound Packets Received; ‘tcp_syn_cookie_fail’= TCP Auth= SYN Cookie Failed; ‘dst_tcp_session_created’= TCP Sessions Created; ‘dst_udp_session_created’= UDP Sessions Created; ‘dst_tcp_filter_action_whitelist’= TCP Filter Action WL; ‘dst_other_filter_match’= OTHER Filter Match; ‘dst_other_filter_not_match’= OTHER Filter Not Matched on Pkt; ‘dst_other_filter_action_blacklist’= OTHER Filter Action Blacklist; ‘dst_other_filter_action_drop’= OTHER Filter Action Drop; ‘dst_other_filter_action_whitelist’= OTHER Filter Action WL; ‘dst_other_filter_action_default_pass’= OTHER Filter Action Default Pass; ‘dst_blackhole_inject’= Dst Blackhole Inject; ‘dst_blackhole_withdraw’= Dst Blackhole Withdraw; ‘dst_tcp_out_of_seq_excd’= TCP Out-Of-Seq Exceeded; ‘dst_tcp_retransmit_excd’= TCP Retransmit Exceeded; ‘dst_tcp_zero_window_excd’= TCP Zero-Window Exceeded; ‘dst_tcp_conn_prate_excd’= TCP Rate= Conn Pkt Exceeded; ‘dst_tcp_action_on_ack_init’= TCP Auth= ACK Retry Init; ‘dst_tcp_action_on_ack_gap_drop’= TCP Auth= ACK Retry Retry-Gap Dropped; ‘dst_tcp_action_on_ack_fail’= TCP Auth= ACK Retry Dropped; ‘dst_tcp_action_on_ack_pass’= TCP Auth= ACK Retry Passed; ‘dst_tcp_action_on_syn_init’= TCP Auth= SYN Retry Init; ‘dst_tcp_action_on_syn_gap_drop’= TCP Auth= SYN Retry-Gap Dropped; ‘dst_tcp_action_on_syn_fail’= TCP Auth= SYN Retry Dropped; ‘dst_tcp_action_on_syn_pass’= TCP Auth= SYN Retry Passed; ‘udp_payload_too_small’= UDP Payload Too Small; ‘udp_payload_too_big’= UDP Payload Too Large; ‘dst_udp_conn_prate_excd’= UDP Rate= Conn Pkt Exceeded; ‘dst_udp_ntp_monlist_req’= UDP NTP Monlist Request; ‘dst_udp_ntp_monlist_resp’= UDP NTP Monlist Response; ‘dst_udp_wellknown_sport_drop’= UDP SrcPort Wellknown; ‘dst_udp_retry_init’= UDP Auth= Retry Init; ‘dst_udp_retry_pass’= UDP Auth= Retry Passed; ‘dst_tcp_bytes_drop’= TCP Total Bytes Dropped; ‘dst_udp_bytes_drop’= UDP Total Bytes Dropped; ‘dst_icmp_bytes_drop’= ICMP Total Bytes Dropped; ‘dst_other_bytes_drop’= OTHER Total Bytes Dropped; ‘dst_out_no_route’= Dst IPv4/v6 Out No Route; ‘outbound_bytes_sent’= Outbound= Bytes Forwarded; ‘outbound_pkt_drop’= Outbound= Packets Dropped; ‘outbound_bytes_drop’= Outbound= Bytes Dropped; ‘outbound_pkt_sent’= Outbound= Packets Forwarded; ‘inbound_bytes_sent’= Inbound= Bytes Forwarded; ‘inbound_bytes_drop’= Inbound= Bytes Dropped; ‘dst_src_port_pkt_rate_exceed’= SrcPort Rate= Packet Exceeded; ‘dst_src_port_kbit_rate_exceed’= SrcPort Rate= KiBit Exceeded; ‘dst_src_port_conn_limit_exceed’= SrcPort Limit= Conn Exceeded; ‘dst_src_port_conn_rate_exceed’= SrcPort Rate= Conn Exceeded; ‘dst_ip_proto_pkt_rate_exceed’= IP-Proto Rate= Packet Exceeded; ‘dst_ip_proto_kbit_rate_exceed’= IP-Proto Rate= KiBit Exceeded; ‘dst_tcp_port_any_exceed’= TCP Port Rate= Total Exceed; ‘dst_udp_port_any_exceed’= UDP Port Rate= Total Exceed; ‘dst_tcp_auth_pass’= TCP Auth= SYN Auth Passed; ‘dst_tcp_rst_cookie_fail’= TCP Auth= RST Cookie Failed; ‘dst_tcp_unauth_drop’= TCP Auth= Unauth Dropped; ‘src_tcp_syn_auth_fail’= Src TCP Auth= SYN Auth Failed; ‘src_tcp_syn_cookie_sent’= Src TCP Auth= SYN Cookie Sent; ‘src_tcp_syn_cookie_fail’= Src TCP Auth= SYN Cookie Failed; ‘src_tcp_rst_cookie_fail’= Src TCP Auth= RST Cookie Failed; ‘src_tcp_unauth_drop’= Src TCP Auth= Unauth Dropped; ‘src_tcp_action_on_syn_init’= Src TCP Auth= SYN Retry Init; |
||
counters2 str |
‘src_tcp_action_on_syn_gap_drop’= Src TCP Auth= SYN Retry-Gap Dropped; ‘src_tcp_action_on_syn_fail’= Src TCP Auth= SYN Retry Dropped; ‘src_tcp_action_on_ack_init’= Src TCP Auth= ACK Retry Init; ‘src_tcp_action_on_ack_gap_drop’= Src TCP Auth= ACK Retry Retry-Gap Dropped; ‘src_tcp_action_on_ack_fail’= Src TCP Auth= ACK Retry Dropped; ‘src_tcp_out_of_seq_excd’= Src TCP Out-Of-Seq Exceeded; ‘src_tcp_retransmit_excd’= Src TCP Retransmit Exceeded; ‘src_tcp_zero_window_excd’= Src TCP Zero-Window Exceeded; ‘src_tcp_conn_prate_excd’= Src TCP Rate= Conn Pkt Exceeded; ‘src_udp_min_payload’= Src UDP Payload Too Small; ‘src_udp_max_payload’= Src UDP Payload Too Large; ‘src_udp_conn_prate_excd’= Src UDP Rate= Conn Pkt Exceeded; ‘src_udp_ntp_monlist_req’= Src UDP NTP Monlist Request; ‘src_udp_ntp_monlist_resp’= Src UDP NTP Monlist Response; ‘src_udp_wellknown_sport_drop’= Src UDP SrcPort Wellknown; ‘src_udp_retry_init’= Src UDP Auth= Retry Init; ‘dst_udp_retry_gap_drop’= UDP Auth= Retry-Gap Dropped; ‘dst_udp_retry_fail’= UDP Auth= Retry Timeout; ‘dst_tcp_session_aged’= TCP Sessions Aged; ‘dst_udp_session_aged’= UDP Sessions Aged; ‘dst_tcp_conn_close’= TCP Connections Closed; ‘dst_tcp_conn_close_half_open’= TCP Half Open Connections Closed; ‘dst_l4_tcp_auth’= TCP Dst L4-Type Auth= SYN Cookie Sent; ‘tcp_l4_syn_cookie_fail’= TCP Dst L4-Type Auth= SYN Cookie Failed; ‘tcp_l4_rst_cookie_fail’= TCP Dst L4-Type Auth= RST Cookie Failed; ‘tcp_l4_unauth_drop’= TCP Dst L4-Type Auth= Unauth Dropped; ‘dst_drop_frag_pkt’= Dst Fragmented Packets Dropped; ‘src_tcp_filter_action_blacklist’= Src TCP Filter Action Blacklist; ‘src_tcp_filter_action_whitelist’= Src TCP Filter Action WL; ‘src_tcp_filter_action_drop’= Src TCP Filter Action Drop; ‘src_tcp_filter_action_default_pass’= Src TCP Filter Action Default Pass; ‘src_udp_filter_action_blacklist’= Src UDP Filter Action Blacklist; ‘src_udp_filter_action_whitelist’= Src UDP Filter Action WL; ‘src_udp_filter_action_drop’= Src UDP Filter Action Drop; ‘src_udp_filter_action_default_pass’= Src UDP Filter Action Default Pass; ‘src_other_filter_action_blacklist’= Src OTHER Filter Action Blacklist; ‘src_other_filter_action_whitelist’= Src OTHER Filter Action WL; ‘src_other_filter_action_drop’= Src OTHER Filter Action Drop; ‘src_other_filter_action_default_pass’= Src OTHER Filter Action Default Pass; ‘tcp_invalid_syn’= TCP Invalid SYN Received; ‘dst_tcp_conn_close_w_rst’= TCP RST Connections Closed; ‘dst_tcp_conn_close_w_fin’= TCP FIN Connections Closed; ‘dst_tcp_conn_close_w_idle’= TCP Idle Connections Closed; ‘dst_tcp_conn_create_from_syn’= TCP Connections Created From SYN; ‘dst_tcp_conn_create_from_ack’= TCP Connections Created From ACK; ‘src_frag_drop’= Src Fragmented Packets Dropped; ‘dst_l4_tcp_blacklist_drop’= Dst L4-type TCP Blacklist Dropped; ‘dst_l4_udp_blacklist_drop’= Dst L4-type UDP Blacklist Dropped; ‘dst_l4_icmp_blacklist_drop’= Dst L4-type ICMP Blacklist Dropped; ‘dst_l4_other_blacklist_drop’= Dst L4-type OTHER Blacklist Dropped; ‘src_l4_tcp_blacklist_drop’= Src L4-type TCP Blacklist Dropped; ‘src_l4_udp_blacklist_drop’= Src L4-type UDP Blacklist Dropped; ‘src_l4_icmp_blacklist_drop’= Src L4-type ICMP Blacklist Dropped; ‘src_l4_other_blacklist_drop’= Src L4-type OTHER Blacklist Dropped; ‘drop_frag_timeout_drop’= Fragment Reassemble Timeout Drop; ‘dst_port_kbit_rate_exceed_pkt’= Port Rate= KiBit Pkt Exceeded; ‘dst_tcp_bytes_rcv’= TCP Total Bytes Received; ‘dst_udp_bytes_rcv’= UDP Total Bytes Received; ‘dst_icmp_bytes_rcv’= ICMP Total Bytes Received; ‘dst_other_bytes_rcv’= OTHER Total Bytes Received; ‘dst_tcp_bytes_sent’= TCP Total Bytes Forwarded; ‘dst_udp_bytes_sent’= UDP Total Bytes Forwarded; ‘dst_icmp_bytes_sent’= ICMP Total Bytes Forwarded; ‘dst_other_bytes_sent’= OTHER Total Bytes Forwarded; ‘dst_udp_auth_drop’= UDP Auth= Dropped; ‘dst_tcp_auth_drop’= TCP Auth= Dropped; ‘dst_tcp_auth_resp’= TCP Auth= Responded; ‘inbound_pkt_drop’= Inbound= Packets Dropped; ‘dst_entry_pkt_rate_exceed’= Entry Rate= Packet Exceeded; ‘dst_entry_kbit_rate_exceed’= Entry Rate= KiBit Exceeded; ‘dst_entry_conn_limit_exceed’= Entry Limit= Conn Exceeded; ‘dst_entry_conn_rate_exceed’= Entry Rate= Conn Exceeded; ‘dst_entry_frag_pkt_rate_exceed’= Entry Rate= Frag Packet Exceeded; ‘dst_icmp_any_exceed’= ICMP Rate= Total Exceed; ‘dst_other_any_exceed’= OTHER Rate= Total Exceed; ‘src_dst_pair_entry_total’= Src-Dst Pair Entry Total Count; ‘src_dst_pair_entry_udp’= Src-Dst Pair Entry UDP Count; ‘src_dst_pair_entry_tcp’= Src-Dst Pair Entry TCP Count; ‘src_dst_pair_entry_icmp’= Src-Dst Pair Entry ICMP Count; ‘src_dst_pair_entry_other’= Src-Dst Pair Entry OTHER Count; ‘dst_clist_overflow_policy_at_learning’= Dst Src-Based Overflow Policy Hit; ‘tcp_rexmit_syn_limit_drop’= TCP SYN Retransmit Exceeded Drop; ‘tcp_rexmit_syn_limit_bl’= TCP SYN Retransmit Exceeded Blacklist; ‘dst_tcp_wellknown_sport_drop’= TCP SrcPort Wellknown; ‘src_tcp_wellknown_sport_drop’= Src TCP SrcPort Wellknown; ‘dst_frag_rcvd’= Fragmented Packets Received; ‘no_policy_class_list_match’= No Policy Class-list Match; ‘src_udp_retry_gap_drop’= Src UDP Auth= Retry-Gap Dropped; ‘dst_entry_kbit_rate_exceed_count’= Entry Rate= KiBit Exceeded Count; ‘dst_port_undef_hit’= Dst Port Undefined Hit; ‘dst_tcp_action_on_ack_timeout’= TCP Auth= ACK Retry Timeout; ‘dst_tcp_action_on_ack_reset’= TCP Auth= ACK Retry Timeout Reset; ‘dst_tcp_action_on_ack_blacklist’= TCP Auth= ACK Retry Timeout Blacklisted; ‘src_tcp_action_on_ack_timeout’= Src TCP Auth= ACK Retry Timeout; ‘src_tcp_action_on_ack_reset’= Src TCP Auth= ACK Retry Timeout Reset; ‘src_tcp_action_on_ack_blacklist’= Src TCP Auth= ACK Retry Timeout Blacklisted; ‘dst_tcp_action_on_syn_timeout’= TCP Auth= SYN Retry Timeout; ‘dst_tcp_action_on_syn_reset’= TCP Auth= SYN Retry Timeout Reset; ‘dst_tcp_action_on_syn_blacklist’= TCP Auth= SYN Retry Timeout Blacklisted; ‘src_tcp_action_on_syn_timeout’= Src TCP Auth= SYN Retry Timeout; ‘src_tcp_action_on_syn_reset’= Src TCP Auth= SYN Retry Timeout Reset; ‘src_tcp_action_on_syn_blacklist’= Src TCP Auth= SYN Retry Timeout Blacklisted; ‘dst_udp_frag_pkt_rate_exceed’= UDP Dst L4-Type Rate= Frag Exceeded; ‘dst_udp_frag_src_rate_drop’= UDP Src Rate= Frag Exceeded; ‘dst_tcp_frag_pkt_rate_exceed’= TCP Dst L4-Type Rate= Frag Exceeded; ‘dst_tcp_frag_src_rate_drop’= TCP Src Rate= Frag Exceeded; ‘dst_icmp_frag_pkt_rate_exceed’= ICMP Dst L4-Type Rate= Frag Exceeded; ‘dst_icmp_frag_src_rate_drop’= ICMP Src Rate= Frag Exceeded; ‘sflow_internal_samples_packed’= Sflow Internal Samples Packed; ‘sflow_external_samples_packed’= Sflow External Samples Packed; ‘sflow_internal_packets_sent’= Sflow Internal Packets Sent; ‘sflow_external_packets_sent’= Sflow External Packets Sent; ‘dns_outbound_total_query’= DNS Outbound Total Query; ‘dns_outbound_query_malformed’= DNS Outbound Query Malformed; ‘dns_outbound_query_resp_chk_failed’= DNS Outbound Query Resp Check Failed; ‘dns_outbound_query_resp_chk_blacklisted’= DNS Outbound Query Resp Check Blacklisted; ‘dns_outbound_query_resp_chk_refused_sent’= DNS Outbound Query Resp Check REFUSED Sent; ‘dns_outbound_query_resp_chk_reset_sent’= DNS Outbound Query Resp Check RESET Sent; ‘dns_outbound_query_resp_chk_no_resp_sent’= DNS Outbound Query Resp Check No Response Sent; ‘dns_outbound_query_resp_size_exceed’= DNS Outbound Query Response Size Exceed; ‘dns_outbound_query_sess_timed_out’= DNS Outbound Query Session Timed Out; ‘dst_exceed_action_tunnel’= Entry Exceed Action= Tunnel; ‘src_udp_auth_timeout’= Src UDP Auth= Retry Timeout; ‘src_udp_retry_pass’= Src UDP Retry Passed; |
||
counters3 str |
‘dst_hw_drop_rule_insert’= Dst Hardware Drop Rules Inserted; ‘dst_hw_drop_rule_remove’= Dst Hardware Drop Rules Removed; ‘src_hw_drop_rule_insert’= Src Hardware Drop Rules Inserted; ‘src_hw_drop_rule_remove’= Src Hardware Drop Rules Removed; ‘prog_first_req_time_exceed’= Req-Resp= First Request Time Exceed; ‘prog_req_resp_time_exceed’= Req-Resp= Request to Response Time Exceed; ‘prog_request_len_exceed’= Req-Resp= Request Length Exceed; ‘prog_response_len_exceed’= Req-Resp= Response Length Exceed; ‘prog_resp_req_ratio_exceed’= Req-Resp= Response to Request Ratio Exceed; ‘prog_resp_req_time_exceed’= Req-Resp= Response to Request Time Exceed; ‘entry_sync_message_received’= Entry Sync Message Received; ‘entry_sync_message_sent’= Entry Sync Message Sent; ‘prog_conn_sent_exceed’= Connection= Sent Exceed; ‘prog_conn_rcvd_exceed’= Connection= Received Exceed; ‘prog_conn_time_exceed’= Connection= Time Exceed; ‘prog_conn_rcvd_sent_ratio_exceed’= Connection= Received to Sent Ratio Exceed; ‘prog_win_sent_exceed’= Time Window= Sent Exceed; ‘prog_win_rcvd_exceed’= Time Window= Received Exceed; ‘prog_win_rcvd_sent_ratio_exceed’= Time Window= Received to Sent Exceed; ‘prog_exceed_drop’= Req-Resp= Violation Exceed Dropped; ‘prog_exceed_bl’= Req-Resp= Violation Exceed Blacklisted; ‘prog_conn_exceed_drop’= Connection= Violation Exceed Dropped; ‘prog_conn_exceed_bl’= Connection= Violation Exceed Blacklisted; ‘prog_win_exceed_drop’= Time Window= Violation Exceed Dropped; ‘prog_win_exceed_bl’= Time Window= Violation Exceed Blacklisted; ‘dst_exceed_action_drop’= Entry Exceed Action= Dropped; ‘prog_conn_samples’= Sample Collected= Connection; ‘prog_req_samples’= Sample Collected= Req-Resp; ‘prog_win_samples’= Sample Collected= Time Window; ‘prog_conn_samples_processed’= Sample Processed= Connnection; ‘prog_req_samples_processed’= Sample Processed= Req-Resp; ‘prog_win_samples_processed’= Sample Processed= Time Window; ‘src_hw_drop’= Src Hardware Packets Dropped; ‘dst_tcp_auth_rst’= TCP Auth= Reset; ‘dst_src_learn_overflow’= Src Dynamic Entry Count Overflow; ‘tcp_fwd_sent’= TCP Inbound Packets Forwarded; ‘udp_fwd_sent’= UDP Inbound Packets Forwarded; |
||
capture_config_list list |
Field capture_config_list |
||
name str |
Capture-config name |
||
mode str |
‘drop’= Apply capture-config to dropped packets; ‘forward’= Apply capture- config to forwarded packets; ‘all’= Apply capture-config to both dropped and forwarded packets; |
||
uuid str |
uuid of the object |
||
hw_blacklist_blocking dict |
Field hw_blacklist_blocking |
||
dst_enable bool |
Enable Dst side hardware blocking |
||
src_enable bool |
Enable Src side hardware blocking |
||
uuid str |
uuid of the object |
||
topk_destinations dict |
Field topk_destinations |
||
uuid str |
uuid of the object |
||
l4_type_list list |
Field l4_type_list |
||
protocol str |
‘tcp’= L4-Type TCP; ‘udp’= L4-Type UDP; ‘icmp’= L4-Type ICMP; ‘other’= L4-Type OTHER; |
||
glid str |
Global limit ID |
||
glid_exceed_action dict |
Field glid_exceed_action |
||
deny bool |
Blacklist and Drop all incoming packets for protocol |
||
max_rexmit_syn_per_flow int |
Maximum number of re-transmit SYN per flow |
||
max_rexmit_syn_per_flow_exceed_action str |
‘drop’= Drop the packet; ‘black-list’= Add the source IP into black list; |
||
disable_syn_auth bool |
Disable TCP SYN Authentication |
||
syn_auth str |
‘send-rst’= Send RST to client upon client ACK; ‘force-rst-by-ack’= Force client RST via the use of ACK; ‘force-rst-by-synack’= Force client RST via the use of bad SYN|ACK; ‘disable’= Disable TCP SYN Authentication; |
||
syn_cookie bool |
Enable SYN Cookie |
||
tcp_reset_client bool |
Send reset to client when rate exceeds or session ages out |
||
tcp_reset_server bool |
Send reset to server when rate exceeds or session ages out |
||
drop_on_no_port_match str |
‘disable’= disable; ‘enable’= enable; |
||
stateful bool |
Enable stateful tracking of sessions (Default is stateless) |
||
tunnel_decap dict |
Field tunnel_decap |
||
tunnel_rate_limit dict |
Field tunnel_rate_limit |
||
drop_frag_pkt bool |
Drop fragmented packets |
||
undefined_port_hit_statistics dict |
Field undefined_port_hit_statistics |
||
template dict |
Field template |
||
detection_enable bool |
Enable ddos detection |
||
enable_top_k bool |
Enable ddos top-k entries |
||
topk_num_records int |
Maximum number of records to show in topk |
||
set_counter_base_val int |
Set T2 counter value of current context to specified value |
||
ip_filtering_policy str |
Configure IP Filter |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
ip_filtering_policy_oper dict |
Field ip_filtering_policy_oper |
||
port_ind dict |
Field port_ind |
||
topk_sources dict |
Field topk_sources |
||
progression_tracking dict |
Field progression_tracking |
||
port_list list |
Field port_list |
||
port_num int |
Port Number |
||
protocol str |
‘dns-tcp’= DNS-TCP Port; ‘dns-udp’= DNS-UDP Port; ‘http’= HTTP Port; ‘tcp’= TCP Port; ‘udp’= UDP Port; ‘ssl-l4’= SSL-L4 Port; ‘sip-udp’= SIP-UDP Port; ‘sip- tcp’= SIP-TCP Port; |
||
detection_enable bool |
Enable ddos detection |
||
enable_top_k bool |
Enable ddos top-k entries |
||
topk_num_records int |
Maximum number of records to show in topk |
||
deny bool |
Blacklist and Drop all incoming packets for protocol |
||
glid str |
Global limit ID |
||
glid_exceed_action dict |
Field glid_exceed_action |
||
dns_cache str |
DNS Cache Instance |
||
template dict |
Field template |
||
sflow dict |
Field sflow |
||
capture_config dict |
Field capture_config |
||
set_counter_base_val int |
Set T2 counter value of current context to specified value |
||
ip_filtering_policy str |
Configure IP Filter |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
port_ind dict |
Field port_ind |
||
ip_filtering_policy_oper dict |
Field ip_filtering_policy_oper |
||
topk_sources dict |
Field topk_sources |
||
progression_tracking dict |
Field progression_tracking |
||
signature_extraction dict |
Field signature_extraction |
||
pattern_recognition dict |
Field pattern_recognition |
||
pattern_recognition_pu_details dict |
Field pattern_recognition_pu_details |
||
port_range_list list |
Field port_range_list |
||
port_range_start int |
Port-Range Start Port Number |
||
port_range_end int |
Port-Range End Port Number |
||
protocol str |
‘dns-tcp’= DNS-TCP Port; ‘dns-udp’= DNS-UDP Port; ‘http’= HTTP Port; ‘tcp’= TCP Port; ‘udp’= UDP Port; ‘ssl-l4’= SSL-L4 Port; ‘sip-udp’= SIP-UDP Port; ‘sip- tcp’= SIP-TCP Port; |
||
deny bool |
Blacklist and Drop all incoming packets for protocol |
||
detection_enable bool |
Enable ddos detection |
||
enable_top_k bool |
Enable ddos top-k entries |
||
topk_num_records int |
Maximum number of records to show in topk |
||
glid str |
Global limit ID |
||
glid_exceed_action dict |
Field glid_exceed_action |
||
template dict |
Field template |
||
sflow dict |
Field sflow |
||
capture_config dict |
Field capture_config |
||
set_counter_base_val int |
Set T2 counter value of current context to specified value |
||
ip_filtering_policy str |
Configure IP Filter |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
ip_filtering_policy_oper dict |
Field ip_filtering_policy_oper |
||
port_ind dict |
Field port_ind |
||
topk_sources dict |
Field topk_sources |
||
progression_tracking dict |
Field progression_tracking |
||
pattern_recognition dict |
Field pattern_recognition |
||
pattern_recognition_pu_details dict |
Field pattern_recognition_pu_details |
||
src_port_list list |
Field src_port_list |
||
port_num int |
Port Number |
||
protocol str |
‘dns-udp’= DNS-UDP Port; ‘dns-tcp’= DNS-TCP Port; ‘udp’= UDP Port; ‘tcp’= TCP Port; |
||
deny bool |
Blacklist and Drop all incoming packets for protocol |
||
glid str |
Global limit ID |
||
outbound_src_tracking str |
‘enable’= enable; ‘disable’= disable; |
||
template dict |
Field template |
||
set_counter_base_val int |
Set T2 counter value of current context to specified value |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
src_port_range_list list |
Field src_port_range_list |
||
src_port_range_start int |
Src Port-Range Start Port Number |
||
src_port_range_end int |
Src Port-Range End Port Number |
||
protocol str |
‘udp’= UDP Port; ‘tcp’= TCP Port; |
||
deny bool |
Blacklist and Drop all incoming packets for protocol |
||
glid str |
Global limit ID |
||
template dict |
Field template |
||
set_counter_base_val int |
Set T2 counter value of current context to specified value |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
ip_proto_list list |
Field ip_proto_list |
||
port_num int |
Protocol Number |
||
deny bool |
Blacklist and Drop all incoming packets for protocol |
||
esp_inspect dict |
Field esp_inspect |
||
glid str |
Global limit ID |
||
glid_exceed_action dict |
Field glid_exceed_action |
||
template dict |
Field template |
||
set_counter_base_val int |
Set T2 counter value of current context to specified value |
||
ip_filtering_policy str |
Configure IP Filter |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
ip_filtering_policy_oper dict |
Field ip_filtering_policy_oper |
||
src_dst_pair dict |
Field src_dst_pair |
||
default bool |
Configure default |
||
bypass bool |
Always permit for the Source to bypass all feature & limit checks |
||
exceed_log_cfg dict |
Field exceed_log_cfg |
||
log_periodic bool |
Enable periodic log while event is continuing |
||
template dict |
Field template |
||
glid str |
Global limit ID |
||
uuid str |
uuid of the object |
||
l4_type_src_dst_list list |
Field l4_type_src_dst_list |
||
app_type_src_dst_list list |
Field app_type_src_dst_list |
||
src_dst_pair_policy_list list |
Field src_dst_pair_policy_list |
||
src_based_policy_name str |
Src-based-policy name |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
policy_class_list_list list |
Field policy_class_list_list |
||
src_dst_pair_settings_list list |
Field src_dst_pair_settings_list |
||
all_types str |
‘all-types’= Settings for all types (default or class-list); |
||
age int |
Idle age for ip entry |
||
max_dynamic_entry_count int |
Maximum count for dynamic src-dst entry |
||
apply_policy_on_overflow bool |
Enable this flag to apply overflow policy when dynamic entry count overflows |
||
unlimited_dynamic_entry_count bool |
No limit for maximum dynamic src entry count |
||
enable_class_list_overflow bool |
Apply class-list overflow policy upon exceeding dynamic entry count specified for DST entry or each class-list |
||
src_prefix_len int |
Specify src prefix length for IPv6 (default= not set) |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
l4_type_src_dst_list list |
Field l4_type_src_dst_list |
||
src_dst_pair_class_list_list list |
Field src_dst_pair_class_list_list |
||
class_list_name str |
Class-list name |
||
exceed_log_cfg dict |
Field exceed_log_cfg |
||
log_periodic bool |
Enable periodic log while event is continuing |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
l4_type_src_dst_list list |
Field l4_type_src_dst_list |
||
app_type_src_dst_list list |
Field app_type_src_dst_list |
||
cid_list list |
Field cid_list |
||
dynamic_entry_overflow_policy_list list |
Field dynamic_entry_overflow_policy_list |
||
dummy_name str |
‘configuration’= Configure src dst dynamic entry count overflow policy; |
||
bypass bool |
Always permit for the Source to bypass all feature & limit checks |
||
exceed_log_cfg dict |
Field exceed_log_cfg |
||
log_periodic bool |
Enable periodic log while event is continuing |
||
template dict |
Field template |
||
glid str |
Global limit ID |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
l4_type_src_dst_list list |
Field l4_type_src_dst_list |
||
app_type_src_dst_list list |
Field app_type_src_dst_list |
||
oper dict |
Field oper |
||
ddos_entry_list list |
Field ddos_entry_list |
||
entry_address_str str |
Field entry_address_str |
||
total_dynamic_entry_count str |
Field total_dynamic_entry_count |
||
total_dynamic_entry_limit str |
Field total_dynamic_entry_limit |
||
udp_dynamic_entry_count str |
Field udp_dynamic_entry_count |
||
udp_dynamic_entry_limit str |
Field udp_dynamic_entry_limit |
||
tcp_dynamic_entry_count str |
Field tcp_dynamic_entry_count |
||
tcp_dynamic_entry_limit str |
Field tcp_dynamic_entry_limit |
||
icmp_dynamic_entry_count str |
Field icmp_dynamic_entry_count |
||
icmp_dynamic_entry_limit str |
Field icmp_dynamic_entry_limit |
||
other_dynamic_entry_count str |
Field other_dynamic_entry_count |
||
other_dynamic_entry_limit str |
Field other_dynamic_entry_limit |
||
operational_mode str |
Field operational_mode |
||
traffic_distribution_status list |
Field traffic_distribution_status |
||
dst_entry_name str |
Field dst_entry_name |
||
source_entry_limit str |
Field source_entry_limit |
||
source_entry_alloc str |
Field source_entry_alloc |
||
source_entry_remain str |
Field source_entry_remain |
||
dst_service_limit str |
Field dst_service_limit |
||
dst_service_alloc str |
Field dst_service_alloc |
||
dst_service_remain str |
Field dst_service_remain |
||
entry_displayed_count int |
Field entry_displayed_count |
||
service_displayed_count int |
Field service_displayed_count |
||
no_t2_idx_port_count int |
Field no_t2_idx_port_count |
||
dst_all_entries bool |
Field dst_all_entries |
||
sources bool |
Field sources |
||
sources_all_entries bool |
Field sources_all_entries |
||
overflow_policy bool |
Field overflow_policy |
||
entry_count bool |
Field entry_count |
||
sflow_source_id bool |
Field sflow_source_id |
||
ipv6 str |
Field ipv6 |
||
subnet_ip_addr str |
Field subnet_ip_addr |
||
subnet_ipv6_addr str |
Field subnet_ipv6_addr |
||
l4_type_str str |
Field l4_type_str |
||
app_type str |
Field app_type |
||
exceeded bool |
Field exceeded |
||
black_listed bool |
Field black_listed |
||
white_listed bool |
Field white_listed |
||
authenticated bool |
Field authenticated |
||
class_list str |
Field class_list |
||
ip_proto_num int |
Field ip_proto_num |
||
port_num int |
Field port_num |
||
port_range_start int |
Field port_range_start |
||
port_range_end int |
Field port_range_end |
||
src_port_num int |
Field src_port_num |
||
src_port_range_start int |
Field src_port_range_start |
||
src_port_range_end int |
Field src_port_range_end |
||
protocol str |
Field protocol |
||
opt_protocol str |
Field opt_protocol |
||
sport_protocol str |
Field sport_protocol |
||
opt_sport_protocol str |
Field opt_sport_protocol |
||
app_stat bool |
Field app_stat |
||
port_app_stat bool |
Field port_app_stat |
||
all_ip_protos bool |
Field all_ip_protos |
||
all_l4_types bool |
Field all_l4_types |
||
all_ports bool |
Field all_ports |
||
all_src_ports bool |
Field all_src_ports |
||
black_holed bool |
Field black_holed |
||
resource_usage bool |
Field resource_usage |
||
display_traffic_distribution_status bool |
Field display_traffic_distribution_status |
||
entry_status bool |
Field entry_status |
||
l4_ext_rate bool |
Field l4_ext_rate |
||
hw_blacklisted str |
Field hw_blacklisted |
||
topk_destinations dict |
Field topk_destinations |
||
l4_type_list list |
Field l4_type_list |
||
port_list list |
Field port_list |
||
port_range_list list |
Field port_range_list |
||
src_port_list list |
Field src_port_list |
||
src_port_range_list list |
Field src_port_range_list |
||
ip_proto_list list |
Field ip_proto_list |
||
stats dict |
Field stats |
||
dst_tcp_any_exceed str |
TCP Dst L4-Type Rate= Total Exceeded |
||
dst_tcp_pkt_rate_exceed str |
TCP Dst L4-Type Rate= Packet Exceeded |
||
dst_tcp_conn_rate_exceed str |
TCP Dst L4-Type Rate= Conn Exceeded |
||
dst_udp_any_exceed str |
UDP Dst L4-Type Rate= Total Exceeded |
||
dst_udp_pkt_rate_exceed str |
UDP Dst L4-Type Rate= Packet Exceeded |
||
dst_udp_conn_limit_exceed str |
UDP Dst L4-Type Limit= Conn Exceeded |
||
dst_udp_conn_rate_exceed str |
UDP Dst L4-Type Rate= Conn Exceeded |
||
dst_icmp_pkt_rate_exceed str |
ICMP Dst Rate= Packet Exceeded |
||
dst_other_pkt_rate_exceed str |
OTHER Dst L4-Type Rate= Packet Exceeded |
||
dst_other_frag_pkt_rate_exceed str |
OTHER Dst L4-Type Rate= Frag Exceeded |
||
dst_port_pkt_rate_exceed str |
Port Rate= Packet Exceeded |
||
dst_port_conn_limit_exceed str |
Port Limit= Conn Exceeded |
||
dst_port_conn_rate_exceed str |
Port Rate= Conn Exceeded |
||
dst_pkt_sent str |
Inbound= Packets Forwarded |
||
dst_udp_pkt_sent str |
UDP Total Packets Forwarded |
||
dst_tcp_pkt_sent str |
TCP Total Packets Forwarded |
||
dst_icmp_pkt_sent str |
ICMP Total Packets Forwarded |
||
dst_other_pkt_sent str |
OTHER Total Packets Forwarded |
||
dst_tcp_conn_limit_exceed str |
TCP Dst L4-Type Limit= Conn Exceeded |
||
dst_tcp_pkt_rcvd str |
TCP Total Packets Received |
||
dst_udp_pkt_rcvd str |
UDP Total Packets Received |
||
dst_icmp_pkt_rcvd str |
ICMP Total Packets Received |
||
dst_other_pkt_rcvd str |
OTHER Total Packets Received |
||
dst_udp_filter_match str |
UDP Filter Match |
||
dst_udp_filter_not_match str |
UDP Filter Not Matched on Pkt |
||
dst_udp_filter_action_blacklist str |
UDP Filter Action Blacklist |
||
dst_udp_filter_action_drop str |
UDP Filter Action Drop |
||
dst_tcp_syn str |
TCP Total SYN Received |
||
dst_tcp_syn_drop str |
TCP SYN Packets Dropped |
||
dst_tcp_src_rate_drop str |
TCP Src Rate= Total Exceeded |
||
dst_udp_src_rate_drop str |
UDP Src Rate= Total Exceeded |
||
dst_icmp_src_rate_drop str |
ICMP Src Rate= Total Exceeded |
||
dst_other_frag_src_rate_drop str |
OTHER Src Rate= Frag Exceeded |
||
dst_other_src_rate_drop str |
OTHER Src Rate= Total Exceeded |
||
dst_tcp_drop str |
TCP Total Packets Dropped |
||
dst_udp_drop str |
UDP Total Packets Dropped |
||
dst_icmp_drop str |
ICMP Total Packets Dropped |
||
dst_frag_drop str |
Fragmented Packets Dropped |
||
dst_other_drop str |
OTHER Total Packets Dropped |
||
dst_tcp_auth str |
TCP Auth= SYN Cookie Sent |
||
dst_udp_filter_action_default_pass str |
UDP Filter Action Default Pass |
||
dst_tcp_filter_match str |
TCP Filter Match |
||
dst_tcp_filter_not_match str |
TCP Filter Not Matched on Pkt |
||
dst_tcp_filter_action_blacklist str |
TCP Filter Action Blacklist |
||
dst_tcp_filter_action_drop str |
TCP Filter Action Drop |
||
dst_tcp_filter_action_default_pass str |
TCP Filter Action Default Pass |
||
dst_udp_filter_action_whitelist str |
UDP Filter Action WL |
||
dst_udp_kibit_rate_drop str |
UDP Dst L4-Type Rate= KiBit Exceeded |
||
dst_tcp_kibit_rate_drop str |
TCP Dst L4-Type Rate= KiBit Exceeded |
||
dst_icmp_kibit_rate_drop str |
ICMP Dst Rate= KiBit Exceeded |
||
dst_other_kibit_rate_drop str |
OTHER Dst L4-Type Rate= KiBit Exceeded |
||
dst_port_undef_drop str |
Dst Port Undefined Dropped |
||
dst_port_bl str |
Dst Port Blacklist Packets Dropped |
||
dst_src_port_bl str |
Dst SrcPort Blacklist Packets Dropped |
||
dst_port_kbit_rate_exceed str |
Port Rate= KiBit Exceeded |
||
dst_tcp_src_drop str |
TCP Src Packets Dropped |
||
dst_udp_src_drop str |
UDP Src Packets Dropped |
||
dst_icmp_src_drop str |
ICMP Src Packets Dropped |
||
dst_other_src_drop str |
OTHER Src Packets Dropped |
||
tcp_syn_rcvd str |
TCP Inbound SYN Received |
||
tcp_syn_ack_rcvd str |
TCP SYN ACK Received |
||
tcp_ack_rcvd str |
TCP ACK Received |
||
tcp_fin_rcvd str |
TCP FIN Received |
||
tcp_rst_rcvd str |
TCP RST Received |
||
ingress_bytes str |
Inbound= Bytes Received |
||
egress_bytes str |
Outbound= Bytes Received |
||
ingress_packets str |
Inbound= Packets Received |
||
egress_packets str |
Outbound= Packets Received |
||
tcp_fwd_recv str |
TCP Inbound Packets Received |
||
udp_fwd_recv str |
UDP Inbound Packets Received |
||
icmp_fwd_recv str |
ICMP Inbound Packets Received |
||
tcp_syn_cookie_fail str |
TCP Auth= SYN Cookie Failed |
||
dst_tcp_session_created str |
TCP Sessions Created |
||
dst_udp_session_created str |
UDP Sessions Created |
||
dst_tcp_filter_action_whitelist str |
TCP Filter Action WL |
||
dst_other_filter_match str |
OTHER Filter Match |
||
dst_other_filter_not_match str |
OTHER Filter Not Matched on Pkt |
||
dst_other_filter_action_blacklist str |
OTHER Filter Action Blacklist |
||
dst_other_filter_action_drop str |
OTHER Filter Action Drop |
||
dst_other_filter_action_whitelist str |
OTHER Filter Action WL |
||
dst_other_filter_action_default_pass str |
OTHER Filter Action Default Pass |
||
dst_blackhole_inject str |
Dst Blackhole Inject |
||
dst_blackhole_withdraw str |
Dst Blackhole Withdraw |
||
dst_tcp_out_of_seq_excd str |
TCP Out-Of-Seq Exceeded |
||
dst_tcp_retransmit_excd str |
TCP Retransmit Exceeded |
||
dst_tcp_zero_window_excd str |
TCP Zero-Window Exceeded |
||
dst_tcp_conn_prate_excd str |
TCP Rate= Conn Pkt Exceeded |
||
dst_tcp_action_on_ack_init str |
TCP Auth= ACK Retry Init |
||
dst_tcp_action_on_ack_gap_drop str |
TCP Auth= ACK Retry Retry-Gap Dropped |
||
dst_tcp_action_on_ack_fail str |
TCP Auth= ACK Retry Dropped |
||
dst_tcp_action_on_ack_pass str |
TCP Auth= ACK Retry Passed |
||
dst_tcp_action_on_syn_init str |
TCP Auth= SYN Retry Init |
||
dst_tcp_action_on_syn_gap_drop str |
TCP Auth= SYN Retry-Gap Dropped |
||
dst_tcp_action_on_syn_fail str |
TCP Auth= SYN Retry Dropped |
||
dst_tcp_action_on_syn_pass str |
TCP Auth= SYN Retry Passed |
||
udp_payload_too_small str |
UDP Payload Too Small |
||
udp_payload_too_big str |
UDP Payload Too Large |
||
dst_udp_conn_prate_excd str |
UDP Rate= Conn Pkt Exceeded |
||
dst_udp_ntp_monlist_req str |
UDP NTP Monlist Request |
||
dst_udp_ntp_monlist_resp str |
UDP NTP Monlist Response |
||
dst_udp_wellknown_sport_drop str |
UDP SrcPort Wellknown |
||
dst_udp_retry_init str |
UDP Auth= Retry Init |
||
dst_udp_retry_pass str |
UDP Auth= Retry Passed |
||
dst_tcp_bytes_drop str |
TCP Total Bytes Dropped |
||
dst_udp_bytes_drop str |
UDP Total Bytes Dropped |
||
dst_icmp_bytes_drop str |
ICMP Total Bytes Dropped |
||
dst_other_bytes_drop str |
OTHER Total Bytes Dropped |
||
dst_out_no_route str |
Dst IPv4/v6 Out No Route |
||
outbound_bytes_sent str |
Outbound= Bytes Forwarded |
||
outbound_pkt_drop str |
Outbound= Packets Dropped |
||
outbound_bytes_drop str |
Outbound= Bytes Dropped |
||
outbound_pkt_sent str |
Outbound= Packets Forwarded |
||
inbound_bytes_sent str |
Inbound= Bytes Forwarded |
||
inbound_bytes_drop str |
Inbound= Bytes Dropped |
||
dst_src_port_pkt_rate_exceed str |
SrcPort Rate= Packet Exceeded |
||
dst_src_port_kbit_rate_exceed str |
SrcPort Rate= KiBit Exceeded |
||
dst_src_port_conn_limit_exceed str |
SrcPort Limit= Conn Exceeded |
||
dst_src_port_conn_rate_exceed str |
SrcPort Rate= Conn Exceeded |
||
dst_ip_proto_pkt_rate_exceed str |
IP-Proto Rate= Packet Exceeded |
||
dst_ip_proto_kbit_rate_exceed str |
IP-Proto Rate= KiBit Exceeded |
||
dst_tcp_port_any_exceed str |
TCP Port Rate= Total Exceed |
||
dst_udp_port_any_exceed str |
UDP Port Rate= Total Exceed |
||
dst_tcp_auth_pass str |
TCP Auth= SYN Auth Passed |
||
dst_tcp_rst_cookie_fail str |
TCP Auth= RST Cookie Failed |
||
dst_tcp_unauth_drop str |
TCP Auth= Unauth Dropped |
||
src_tcp_syn_auth_fail str |
Src TCP Auth= SYN Auth Failed |
||
src_tcp_syn_cookie_sent str |
Src TCP Auth= SYN Cookie Sent |
||
src_tcp_syn_cookie_fail str |
Src TCP Auth= SYN Cookie Failed |
||
src_tcp_rst_cookie_fail str |
Src TCP Auth= RST Cookie Failed |
||
src_tcp_unauth_drop str |
Src TCP Auth= Unauth Dropped |
||
src_tcp_action_on_syn_init str |
Src TCP Auth= SYN Retry Init |
||
src_tcp_action_on_syn_gap_drop str |
Src TCP Auth= SYN Retry-Gap Dropped |
||
src_tcp_action_on_syn_fail str |
Src TCP Auth= SYN Retry Dropped |
||
src_tcp_action_on_ack_init str |
Src TCP Auth= ACK Retry Init |
||
src_tcp_action_on_ack_gap_drop str |
Src TCP Auth= ACK Retry Retry-Gap Dropped |
||
src_tcp_action_on_ack_fail str |
Src TCP Auth= ACK Retry Dropped |
||
src_tcp_out_of_seq_excd str |
Src TCP Out-Of-Seq Exceeded |
||
src_tcp_retransmit_excd str |
Src TCP Retransmit Exceeded |
||
src_tcp_zero_window_excd str |
Src TCP Zero-Window Exceeded |
||
src_tcp_conn_prate_excd str |
Src TCP Rate= Conn Pkt Exceeded |
||
src_udp_min_payload str |
Src UDP Payload Too Small |
||
src_udp_max_payload str |
Src UDP Payload Too Large |
||
src_udp_conn_prate_excd str |
Src UDP Rate= Conn Pkt Exceeded |
||
src_udp_ntp_monlist_req str |
Src UDP NTP Monlist Request |
||
src_udp_ntp_monlist_resp str |
Src UDP NTP Monlist Response |
||
src_udp_wellknown_sport_drop str |
Src UDP SrcPort Wellknown |
||
src_udp_retry_init str |
Src UDP Auth= Retry Init |
||
dst_udp_retry_gap_drop str |
UDP Auth= Retry-Gap Dropped |
||
dst_udp_retry_fail str |
UDP Auth= Retry Timeout |
||
dst_tcp_session_aged str |
TCP Sessions Aged |
||
dst_udp_session_aged str |
UDP Sessions Aged |
||
dst_tcp_conn_close str |
TCP Connections Closed |
||
dst_tcp_conn_close_half_open str |
TCP Half Open Connections Closed |
||
dst_l4_tcp_auth str |
TCP Dst L4-Type Auth= SYN Cookie Sent |
||
tcp_l4_syn_cookie_fail str |
TCP Dst L4-Type Auth= SYN Cookie Failed |
||
tcp_l4_rst_cookie_fail str |
TCP Dst L4-Type Auth= RST Cookie Failed |
||
tcp_l4_unauth_drop str |
TCP Dst L4-Type Auth= Unauth Dropped |
||
src_tcp_filter_action_blacklist str |
Src TCP Filter Action Blacklist |
||
src_tcp_filter_action_whitelist str |
Src TCP Filter Action WL |
||
src_tcp_filter_action_drop str |
Src TCP Filter Action Drop |
||
src_tcp_filter_action_default_pass str |
Src TCP Filter Action Default Pass |
||
src_udp_filter_action_blacklist str |
Src UDP Filter Action Blacklist |
||
src_udp_filter_action_whitelist str |
Src UDP Filter Action WL |
||
src_udp_filter_action_drop str |
Src UDP Filter Action Drop |
||
src_udp_filter_action_default_pass str |
Src UDP Filter Action Default Pass |
||
src_other_filter_action_blacklist str |
Src OTHER Filter Action Blacklist |
||
src_other_filter_action_whitelist str |
Src OTHER Filter Action WL |
||
src_other_filter_action_drop str |
Src OTHER Filter Action Drop |
||
src_other_filter_action_default_pass str |
Src OTHER Filter Action Default Pass |
||
tcp_invalid_syn str |
TCP Invalid SYN Received |
||
dst_tcp_conn_close_w_rst str |
TCP RST Connections Closed |
||
dst_tcp_conn_close_w_fin str |
TCP FIN Connections Closed |
||
dst_tcp_conn_close_w_idle str |
TCP Idle Connections Closed |
||
dst_tcp_conn_create_from_syn str |
TCP Connections Created From SYN |
||
dst_tcp_conn_create_from_ack str |
TCP Connections Created From ACK |
||
src_frag_drop str |
Src Fragmented Packets Dropped |
||
dst_l4_tcp_blacklist_drop str |
Dst L4-type TCP Blacklist Dropped |
||
dst_l4_udp_blacklist_drop str |
Dst L4-type UDP Blacklist Dropped |
||
dst_l4_icmp_blacklist_drop str |
Dst L4-type ICMP Blacklist Dropped |
||
dst_l4_other_blacklist_drop str |
Dst L4-type OTHER Blacklist Dropped |
||
src_l4_tcp_blacklist_drop str |
Src L4-type TCP Blacklist Dropped |
||
src_l4_udp_blacklist_drop str |
Src L4-type UDP Blacklist Dropped |
||
src_l4_icmp_blacklist_drop str |
Src L4-type ICMP Blacklist Dropped |
||
src_l4_other_blacklist_drop str |
Src L4-type OTHER Blacklist Dropped |
||
dst_port_kbit_rate_exceed_pkt str |
Port Rate= KiBit Pkt Exceeded |
||
dst_tcp_bytes_rcv str |
TCP Total Bytes Received |
||
dst_udp_bytes_rcv str |
UDP Total Bytes Received |
||
dst_icmp_bytes_rcv str |
ICMP Total Bytes Received |
||
dst_other_bytes_rcv str |
OTHER Total Bytes Received |
||
dst_tcp_bytes_sent str |
TCP Total Bytes Forwarded |
||
dst_udp_bytes_sent str |
UDP Total Bytes Forwarded |
||
dst_icmp_bytes_sent str |
ICMP Total Bytes Forwarded |
||
dst_other_bytes_sent str |
OTHER Total Bytes Forwarded |
||
dst_udp_auth_drop str |
UDP Auth= Dropped |
||
dst_tcp_auth_drop str |
TCP Auth= Dropped |
||
dst_tcp_auth_resp str |
TCP Auth= Responded |
||
inbound_pkt_drop str |
Inbound= Packets Dropped |
||
dst_entry_pkt_rate_exceed str |
Entry Rate= Packet Exceeded |
||
dst_entry_kbit_rate_exceed str |
Entry Rate= KiBit Exceeded |
||
dst_entry_conn_limit_exceed str |
Entry Limit= Conn Exceeded |
||
dst_entry_conn_rate_exceed str |
Entry Rate= Conn Exceeded |
||
dst_entry_frag_pkt_rate_exceed str |
Entry Rate= Frag Packet Exceeded |
||
dst_icmp_any_exceed str |
ICMP Rate= Total Exceed |
||
dst_other_any_exceed str |
OTHER Rate= Total Exceed |
||
src_dst_pair_entry_total str |
Src-Dst Pair Entry Total Count |
||
src_dst_pair_entry_udp str |
Src-Dst Pair Entry UDP Count |
||
src_dst_pair_entry_tcp str |
Src-Dst Pair Entry TCP Count |
||
src_dst_pair_entry_icmp str |
Src-Dst Pair Entry ICMP Count |
||
src_dst_pair_entry_other str |
Src-Dst Pair Entry OTHER Count |
||
dst_clist_overflow_policy_at_learning str |
Dst Src-Based Overflow Policy Hit |
||
tcp_rexmit_syn_limit_drop str |
TCP SYN Retransmit Exceeded Drop |
||
tcp_rexmit_syn_limit_bl str |
TCP SYN Retransmit Exceeded Blacklist |
||
dst_tcp_wellknown_sport_drop str |
TCP SrcPort Wellknown |
||
src_tcp_wellknown_sport_drop str |
Src TCP SrcPort Wellknown |
||
dst_frag_rcvd str |
Fragmented Packets Received |
||
no_policy_class_list_match str |
No Policy Class-list Match |
||
src_udp_retry_gap_drop str |
Src UDP Auth= Retry-Gap Dropped |
||
dst_entry_kbit_rate_exceed_count str |
Entry Rate= KiBit Exceeded Count |
||
dst_port_undef_hit str |
Dst Port Undefined Hit |
||
dst_tcp_action_on_ack_timeout str |
TCP Auth= ACK Retry Timeout |
||
dst_tcp_action_on_ack_reset str |
TCP Auth= ACK Retry Timeout Reset |
||
dst_tcp_action_on_ack_blacklist str |
TCP Auth= ACK Retry Timeout Blacklisted |
||
src_tcp_action_on_ack_timeout str |
Src TCP Auth= ACK Retry Timeout |
||
src_tcp_action_on_ack_reset str |
Src TCP Auth= ACK Retry Timeout Reset |
||
src_tcp_action_on_ack_blacklist str |
Src TCP Auth= ACK Retry Timeout Blacklisted |
||
dst_tcp_action_on_syn_timeout str |
TCP Auth= SYN Retry Timeout |
||
dst_tcp_action_on_syn_reset str |
TCP Auth= SYN Retry Timeout Reset |
||
dst_tcp_action_on_syn_blacklist str |
TCP Auth= SYN Retry Timeout Blacklisted |
||
src_tcp_action_on_syn_timeout str |
Src TCP Auth= SYN Retry Timeout |
||
src_tcp_action_on_syn_reset str |
Src TCP Auth= SYN Retry Timeout Reset |
||
src_tcp_action_on_syn_blacklist str |
Src TCP Auth= SYN Retry Timeout Blacklisted |
||
dst_udp_frag_pkt_rate_exceed str |
UDP Dst L4-Type Rate= Frag Exceeded |
||
dst_udp_frag_src_rate_drop str |
UDP Src Rate= Frag Exceeded |
||
dst_tcp_frag_pkt_rate_exceed str |
TCP Dst L4-Type Rate= Frag Exceeded |
||
dst_tcp_frag_src_rate_drop str |
TCP Src Rate= Frag Exceeded |
||
dst_icmp_frag_pkt_rate_exceed str |
ICMP Dst L4-Type Rate= Frag Exceeded |
||
dst_icmp_frag_src_rate_drop str |
ICMP Src Rate= Frag Exceeded |
||
sflow_internal_samples_packed str |
Sflow Internal Samples Packed |
||
sflow_external_samples_packed str |
Sflow External Samples Packed |
||
sflow_internal_packets_sent str |
Sflow Internal Packets Sent |
||
sflow_external_packets_sent str |
Sflow External Packets Sent |
||
dns_outbound_total_query str |
DNS Outbound Total Query |
||
dns_outbound_query_malformed str |
DNS Outbound Query Malformed |
||
dns_outbound_query_resp_chk_failed str |
DNS Outbound Query Resp Check Failed |
||
dns_outbound_query_resp_chk_blacklisted str |
DNS Outbound Query Resp Check Blacklisted |
||
dns_outbound_query_resp_chk_refused_sent str |
DNS Outbound Query Resp Check REFUSED Sent |
||
dns_outbound_query_resp_chk_reset_sent str |
DNS Outbound Query Resp Check RESET Sent |
||
dns_outbound_query_resp_chk_no_resp_sent str |
DNS Outbound Query Resp Check No Response Sent |
||
dns_outbound_query_resp_size_exceed str |
DNS Outbound Query Response Size Exceed |
||
dns_outbound_query_sess_timed_out str |
DNS Outbound Query Session Timed Out |
||
dst_exceed_action_tunnel str |
Entry Exceed Action= Tunnel |
||
src_udp_auth_timeout str |
Src UDP Auth= Retry Timeout |
||
src_udp_retry_pass str |
Src UDP Retry Passed |
||
dst_hw_drop_rule_insert str |
Dst Hardware Drop Rules Inserted |
||
dst_hw_drop_rule_remove str |
Dst Hardware Drop Rules Removed |
||
src_hw_drop_rule_insert str |
Src Hardware Drop Rules Inserted |
||
src_hw_drop_rule_remove str |
Src Hardware Drop Rules Removed |
||
prog_first_req_time_exceed str |
Req-Resp= First Request Time Exceed |
||
prog_req_resp_time_exceed str |
Req-Resp= Request to Response Time Exceed |
||
prog_request_len_exceed str |
Req-Resp= Request Length Exceed |
||
prog_response_len_exceed str |
Req-Resp= Response Length Exceed |
||
prog_resp_req_ratio_exceed str |
Req-Resp= Response to Request Ratio Exceed |
||
prog_resp_req_time_exceed str |
Req-Resp= Response to Request Time Exceed |
||
entry_sync_message_received str |
Entry Sync Message Received |
||
entry_sync_message_sent str |
Entry Sync Message Sent |
||
prog_conn_sent_exceed str |
Connection= Sent Exceed |
||
prog_conn_rcvd_exceed str |
Connection= Received Exceed |
||
prog_conn_time_exceed str |
Connection= Time Exceed |
||
prog_conn_rcvd_sent_ratio_exceed str |
Connection= Received to Sent Ratio Exceed |
||
prog_win_sent_exceed str |
Time Window= Sent Exceed |
||
prog_win_rcvd_exceed str |
Time Window= Received Exceed |
||
prog_win_rcvd_sent_ratio_exceed str |
Time Window= Received to Sent Exceed |
||
prog_exceed_drop str |
Req-Resp= Violation Exceed Dropped |
||
prog_exceed_bl str |
Req-Resp= Violation Exceed Blacklisted |
||
prog_conn_exceed_drop str |
Connection= Violation Exceed Dropped |
||
prog_conn_exceed_bl str |
Connection= Violation Exceed Blacklisted |
||
prog_win_exceed_drop str |
Time Window= Violation Exceed Dropped |
||
prog_win_exceed_bl str |
Time Window= Violation Exceed Blacklisted |
||
dst_exceed_action_drop str |
Entry Exceed Action= Dropped |
||
prog_conn_samples str |
Sample Collected= Connection |
||
prog_req_samples str |
Sample Collected= Req-Resp |
||
prog_win_samples str |
Sample Collected= Time Window |
||
prog_conn_samples_processed str |
Sample Processed= Connnection |
||
prog_req_samples_processed str |
Sample Processed= Req-Resp |
||
prog_win_samples_processed str |
Sample Processed= Time Window |
||
src_hw_drop str |
Src Hardware Packets Dropped |
||
dst_tcp_auth_rst str |
TCP Auth= Reset |
||
dst_src_learn_overflow str |
Src Dynamic Entry Count Overflow |
||
tcp_fwd_sent str |
TCP Inbound Packets Forwarded |
||
udp_fwd_sent str |
UDP Inbound Packets Forwarded |
||
dst_entry_name str |
Field dst_entry_name |
Examples
Return Values
- modified_values (changed, dict, )
Values modified (or potential changes if using check_mode) as a result of task operation
- axapi_calls (always, list, )
Sequential list of AXAPI calls made by the task
- endpoint (, str, [‘/axapi/v3/slb/virtual_server’, ‘/axapi/v3/file/ssl-cert’])
The AXAPI endpoint being accessed.
- http_method (, str, [‘POST’, ‘GET’])
HTTP method being used by the primary task to interact with the AXAPI endpoint.
- request_body (, complex, )
Params used to query the AXAPI
- response_body (, complex, )
Response from the AXAPI
Status
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by community.