a10_ddos_dst_dynamic_entry_overflow_policy

Synopsis

Configure IP/IPv6 Policy Used When Dynamic Dst Entry Count overflows

Parameters

Parameters

Choices/Defaults

Comment

state

str/required

[‘noop’, ‘present’, ‘absent’]

State of the object to be created.

ansible_host

str/required

Host for AXAPI authentication

ansible_username

str/required

Username for AXAPI authentication

ansible_password

str/required

Password for AXAPI authentication

ansible_port

int/required

Port for AXAPI authentication

a10_device_context_id

int

[‘1-8’]

Device ID for aVCS configuration

a10_partition

str

Destination/target partition for object/command

default_address_type

str/required

‘ip’= ip; ‘ipv6’= ipv6;

exceed_log_dep_cfg

dict

Field exceed_log_dep_cfg

exceed_log_enable

bool

(Deprecated)Enable logging of limit exceed drop’s

log_with_sflow_dep

bool

Turn on sflow sample with log

exceed_log_cfg

dict

Field exceed_log_cfg

log_enable

bool

Enable logging of limit exceed drop’s

with_sflow_sample

bool

Turn on sflow sample with log

drop_disable

bool

Disable certain drops during packet processing

drop_disable_fwd_immediate

bool

Immediately forward L4 drops

log_periodic

bool

Enable periodic log while event is continuing

inbound_forward_dscp

int

To set dscp value for inbound packets (DSCP Value for the clear traffic marking)

outbound_forward_dscp

int

To set dscp value for outbound

template

dict

Field template

logging

str

DDOS logging template

glid

str

Global limit ID

uuid

str

uuid of the object

user_tag

str

Customized tag

l4_type_list

list

Field l4_type_list

protocol

str

‘tcp’= tcp; ‘udp’= udp; ‘icmp’= icmp; ‘other’= other;

glid

str

Global limit ID

deny

bool

Blacklist and Drop all incoming packets for protocol

max_rexmit_syn_per_flow

int

Maximum number of re-transmit SYN per flow. Exceed action set to Drop

syn_auth

str

‘send-rst’= Send RST to client upon client ACK; ‘force-rst-by-ack’= Force client RST via the use of ACK; ‘force-rst-by-synack’= Force client RST via the use of bad SYN|ACK; ‘disable’= Disable TCP SYN Authentication;

syn_cookie

bool

Enable SYN Cookie

tcp_reset_client

bool

Send reset to client when rate exceeds or session ages out

tcp_reset_server

bool

Send reset to server when rate exceeds or session ages out

drop_on_no_port_match

str

‘disable’= disable; ‘enable’= enable;

stateful

bool

Enable stateful tracking of sessions (Default is stateless)

tunnel_decap

dict

Field tunnel_decap

tunnel_rate_limit

dict

Field tunnel_rate_limit

drop_frag_pkt

bool

Drop fragmented packets

uuid

str

uuid of the object

user_tag

str

Customized tag

port_list

list

Field port_list

port_num

int

Port Number

protocol

str

‘dns-tcp’= dns-tcp; ‘dns-udp’= dns-udp; ‘http’= http; ‘tcp’= tcp; ‘udp’= udp; ‘ssl-l4’= ssl-l4; ‘sip-udp’= sip-udp; ‘sip-tcp’= sip-tcp;

deny

bool

Blacklist and Drop all incoming packets for protocol

glid

str

Global limit ID

template

dict

Field template

uuid

str

uuid of the object

user_tag

str

Customized tag

src_port_list

list

Field src_port_list

port_num

int

Port Number

protocol

str

‘udp’= udp; ‘tcp’= tcp;

deny

bool

Blacklist and Drop all incoming packets for protocol

glid

str

Global limit ID

template

dict

Field template

uuid

str

uuid of the object

user_tag

str

Customized tag

ip_proto_list

list

Field ip_proto_list

port_num

int

Protocol Number

deny

bool

Blacklist and Drop all incoming packets for protocol

glid

str

Global limit ID

template

dict

Field template

uuid

str

uuid of the object

user_tag

str

Customized tag

Examples


Return Values

modified_values (changed, dict, )

Values modified (or potential changes if using check_mode) as a result of task operation

axapi_calls (always, list, )

Sequential list of AXAPI calls made by the task

endpoint (, str, [‘/axapi/v3/slb/virtual_server’, ‘/axapi/v3/file/ssl-cert’])

The AXAPI endpoint being accessed.

http_method (, str, [‘POST’, ‘GET’])

HTTP method being used by the primary task to interact with the AXAPI endpoint.

request_body (, complex, )

Params used to query the AXAPI

response_body (, complex, )

Response from the AXAPI

Status

  • This module is not guaranteed to have a backwards compatible interface. [preview]

  • This module is maintained by community.

Authors

  • A10 Networks