a10_ddos_zone_template_udp
Synopsis
UDP template configuration
Parameters
Parameters |
Choices/Defaults |
Comment |
|
---|---|---|---|
state str/required |
[‘noop’, ‘present’, ‘absent’] |
State of the object to be created. |
|
ansible_host str/required |
Host for AXAPI authentication |
||
ansible_username str/required |
Username for AXAPI authentication |
||
ansible_password str/required |
Password for AXAPI authentication |
||
ansible_port int/required |
Port for AXAPI authentication |
||
a10_device_context_id int |
[‘1-8’] |
Device ID for aVCS configuration |
|
a10_partition str |
Destination/target partition for object/command |
||
name str/required |
DDOS UDP Template Name |
||
age int |
Configure session age(in minutes) for UDP sessions |
||
per_conn_pkt_rate_cfg dict |
Field per_conn_pkt_rate_cfg |
||
per_conn_pkt_rate_limit int |
Packet rate limit per connection per rate-interval |
||
per_conn_pkt_rate_action_list_name str |
Configure action-list to take for per-conn-pkt-rate exceed |
||
per_conn_pkt_rate_action str |
‘drop’= Drop packets for per-conn-pkt-rate exceed (Default); ‘blacklist-src’= help Blacklist-src for per-conn-pkt-rate exceed; ‘ignore’= Ignore per-conn-pkt- rate-exceed; |
||
per_conn_rate_interval str |
‘100ms’= 100ms; ‘1sec’= 1sec; |
||
filter_match_type str |
‘default’= Stop matching on drop/blacklist action; ‘stop-on-first-match’= Stop matching on first match; |
||
spoof_detect_retry_timeout int |
Timeout in seconds |
||
spoof_detect_min_delay_interval str |
‘100ms’= 100ms; ‘1sec’= 1sec; |
||
spoof_detect_min_delay int |
Optional minimum delay between UDP retransmits for authentication to pass, unit is specified by min-delay-interval |
||
spoof_detect_pass_action_list_name str |
Configure action-list to take for passing the authentication |
||
spoof_detect_pass_action str |
‘authenticate-src’= authenticate-src (Default); |
||
spoof_detect_fail_action_list_name str |
Configure action-list to take for failing the authentication |
||
spoof_detect_fail_action str |
‘drop’= Drop packets (Default); ‘blacklist-src’= Blacklist-src for spoof-detect fail; |
||
token_authentication bool |
Enable Token Authentication |
||
token_authentication_hw_assist_disable bool |
token-authentication disable hardware assistance |
||
token_authentication_salt_prefix bool |
token-authentication salt-prefix |
||
token_authentication_salt_prefix_curr int |
Field token_authentication_salt_prefix_curr |
||
token_authentication_salt_prefix_prev int |
Field token_authentication_salt_prefix_prev |
||
token_authentication_formula str |
‘md5_Salt-SrcIp-SrcPort-DstIp-DstPort’= md5 of Salt-SrcIp-SrcPort-DstIp- DstPort; ‘md5_Salt-DstIp-DstPort’= md5 of Salt-DstIp-DstPort; ‘md5_Salt-SrcIp- DstIp’= md5 of Salt-SrcIp-DstIp; ‘md5_Salt-SrcPort-DstPort’= md5 of Salt- SrcPort-DstPort; ‘md5_Salt-UintDstIp-DstPort’= Using the uint value of IP for md5 of Salt-DstIp-DstPort; ‘sha1_Salt-SrcIp-SrcPort-DstIp-DstPort’= sha1 of Salt-SrcIp-SrcPort-DstIp-DstPort; ‘sha1_Salt-DstIp-DstPort’= sha1 of Salt- DstIp-DstPort; ‘sha1_Salt-SrcIp-DstIp’= sha1 of Salt-SrcIp-DstIp; ‘sha1_Salt- SrcPort-DstPort’= sha1 of Salt-SrcPort-DstPort; ‘sha1_Salt-UintDstIp-DstPort’= Using the uint value of IP for sha1 of Salt-DstIp-DstPort; |
||
previous_salt_timeout int |
Token-Authentication previous salt-prefix timeout in minutes, default is 1 min |
||
token_authentication_public_address bool |
The server public IP address |
||
public_ipv4_addr str |
IP address |
||
public_ipv6_addr str |
IPV6 address |
||
known_resp_src_port_cfg dict |
Field known_resp_src_port_cfg |
||
known_resp_src_port bool |
Take action if src-port is less than 1024 |
||
known_resp_src_port_action_list_name str |
Configure action-list to take for well-known src-port |
||
known_resp_src_port_action str |
‘drop’= Drop packets from well-known src-port(Default); ‘blacklist-src’= Blacklist-src from well-known src-port; ‘ignore’= Ignore well-known src-port; |
||
exclude_src_resp_port bool |
Exclude src port equal to dst port |
||
ntp_monlist_cfg dict |
Field ntp_monlist_cfg |
||
ntp_monlist bool |
Take action for ntp monlist request/response |
||
ntp_monlist_action_list_name str |
Configure action-list to take for ntp-monlist |
||
ntp_monlist_action str |
‘drop’= Drop packets for ntp-monlist (Default); ‘blacklist-src’= Blacklist-src for ntp-monlist; ‘ignore’= Ignore ntp-monlist; |
||
max_payload_size_cfg dict |
Field max_payload_size_cfg |
||
max_payload_size int |
Maximum UDP payload size for each single packet |
||
max_payload_size_action_list_name str |
Configure action-list to take for max-payload-size exceed |
||
max_payload_size_action str |
‘drop’= Drop packets for max-payload-size exceed (Default); ‘blacklist-src’= Blacklist-src for max-payload-size exceed; ‘ignore’= Do nothing for max- payload-size exceed; |
||
min_payload_size_cfg dict |
Field min_payload_size_cfg |
||
min_payload_size int |
Minimum UDP payload size for each single packet |
||
min_payload_size_action_list_name str |
Configure action-list to take for min-payload-size exceed |
||
min_payload_size_action str |
‘drop’= Drop packets for min-payload-size (Default); ‘blacklist-src’= Blacklist-src for min-payload-size; ‘ignore’= Do nothing for min-payload-size exceed; |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
filter_list list |
Field filter_list |
||
udp_filter_name str |
Field udp_filter_name |
||
udp_filter_seq int |
Sequence number |
||
udp_filter_regex str |
Regex Expression |
||
udp_filter_inverse_match bool |
Inverse the result of the matching |
||
byte_offset_filter str |
Filter using Berkeley Packet Filter syntax |
||
udp_filter_action_list_name str |
Configure action-list to take |
||
udp_filter_action str |
‘drop’= Drop packets (Default); ‘ignore’= Take no action; ‘blacklist-src’= Blacklist-src; ‘authenticate-src’= Authenticate-src; |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
Examples
Return Values
- modified_values (changed, dict, )
Values modified (or potential changes if using check_mode) as a result of task operation
- axapi_calls (always, list, )
Sequential list of AXAPI calls made by the task
- endpoint (, str, [‘/axapi/v3/slb/virtual_server’, ‘/axapi/v3/file/ssl-cert’])
The AXAPI endpoint being accessed.
- http_method (, str, [‘POST’, ‘GET’])
HTTP method being used by the primary task to interact with the AXAPI endpoint.
- request_body (, complex, )
Params used to query the AXAPI
- response_body (, complex, )
Response from the AXAPI
Status
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by community.