ddos dst entry ip-proto¶
DDOS IP protocol configuration
ip-proto Specification¶
Type Collection Object Key(s) port-num Collection Name ip-proto-list Collection URI /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto Element Name ip-proto Element URI /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num} Element Attributes ip-proto_attributes Statistics Data URI /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num}/stats Operational Data URI /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num}/oper Schema ip-proto schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Create Object | POST | /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto | ||
Create List | POST | /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto | ||
Get Object | GET | /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num} | ||
Get List | GET | /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto | ||
Modify Object | POST | /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num} | ||
Replace Object | PUT | /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num} | ||
Replace List | PUT | /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto | ||
Delete Object | DELETE | /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num} |
ip-proto-list¶
ip-proto-list is JSON List of ip-proto attributes
ip-proto-list : [
]
ip-proto attributes¶
deny
Description Blacklist and Drop all incoming packets for protocol
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
esp-inspect
Description: esp-inspect is a JSON Block. Please see below for esp-inspect
Type: Object
glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/glid
glid-exceed-action
Description: glid-exceed-action is a JSON Block. Please see below for glid-exceed-action
Type: Object
port-num
Description Protocol Number
Type: number
Range: 0-255
template
Description: template is a JSON Block. Please see below for template
Type: Object
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
esp-inspect¶
Specification Type object auth-algorithm
Description ‘AUTH_NULL’: No Integrity Check Value; ‘HMAC-SHA-1-96’: 96 bit Auth Algo; ‘HMAC-SHA-256-96’: 96 bit Auth Algo; ‘HMAC-SHA-256-128’: 128 bit Auth Algo; ‘HMAC-SHA-384-192’: 192 bit Auth Algo; ‘HMAC-SHA-512-256’: 256 bit Auth Algo; ‘HMAC-MD5-96’: 96 bit Auth Algo; ‘MAC-RIPEMD-160-96’: 96 bit Auth Algo;
Type: string
Supported Values: AUTH_NULL, HMAC-SHA-1-96, HMAC-SHA-256-96, HMAC-SHA-256-128, HMAC-SHA-384-192, HMAC-SHA-512-256, HMAC-MD5-96, MAC-RIPEMD-160-96
encrypt-algorithm
Description ‘NULL’: Null Encryption Algorithm;
Type: string
Supported Values: NULL
mode
Description ‘transport’: Transport mode;
Type: string
Supported Values: transport
template¶
Specification Type object other
Description DDOS other template
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
glid-exceed-action¶
Specification Type object stateless-encap-action-cfg
Description: stateless-encap-action-cfg is a JSON Block. Please see below for glid-exceed-action_stateless-encap-action-cfg
Type: Object
glid-exceed-action_stateless-encap-action-cfg¶
Specification Type object encap-template
Description Apply legacy encap template for encap action
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/ddos/template/encap
stateless-encap-action
Description ‘stateless-tunnel-encap’: Encapsulate all packets; ‘stateless-tunnel-encap-scrubbed’: Encapsulate all packets and allow packets to go through other DDoS checks before sent (conn-limit exceeded packet can not be scrubbed, it will default to stateless-tunnel-encap);
Type: string
Supported Values: stateless-tunnel-encap, stateless-tunnel-encap-scrubbed
stats other-ipproto¶
| Counter | Size | Description | |
|---|---|---|---|
| filter_none_match | 8 | Filter No Match | |
| src_filter3_match | 8 | Src Filter3 Match | |
| filter3_match | 8 | Filter3 Match | |
| sflow_external_samples_packed | 8 | Sflow External Samples Packed | |
| outbound_port_drop | 8 | Outbound Packets Dropped | |
| src_filter2_match | 8 | Src Filter2 Match | |
| sflow_external_packets_sent | 8 | Sflow External Packets Sent | |
| port_bytes_drop | 8 | Inbound Bytes Dropped | |
| exceed_drop_prate_src | 8 | Src Pkt Rate Exceeded | |
| outbound_port_bytes_sent | 8 | Outbound Bytes Forwarded | |
| dst_hw_drop | 8 | Dst Hardware Packets Dropped | |
| filter_total_not_match | 8 | Filter Not Matched on Pkt | |
| filter4_match | 8 | Filter4 Match | |
| src_filter4_match | 8 | Src Filter4 Match | |
| src_filter_action_default_pass | 8 | Src Filter Action Default Pass | |
| src_filter_none_match | 8 | Src Filter No Match | |
| port_bytes_sent | 8 | Inbound Bytes Forwarded | |
| exceed_drop_brate_src | 8 | Src KiBit Rate Exceeded | |
| src_frag_drop | 8 | Src Fragmented Packets Dropped | |
| port_kbit_rate_exceed_pkt | 8 | KiBit Rate Exceeded Count | |
| port_kbit_rate_exceed | 8 | KiBit Rate Exceeded | |
| sflow_internal_packets_sent | 8 | Sflow Internal Packets Sent | |
| sflow_internal_samples_packed | 8 | Sflow Internal Samples Packed | |
| filter_action_default_pass | 8 | Filter Action Default Pass | |
| filter_action_whitelist | 8 | Filter Action Whitelist | |
| port_src_bl | 8 | Src Blacklisted | |
| frag_timeout | 8 | Fragmented Packets Timeout | |
| outbound_port_bytes_drop | 8 | Outbound Bytes Dropped | |
| outbound_port_pkt_sent | 8 | Outbound Packets Forwarded | |
| exceed_action_tunnel | 8 | Exceed Action: Tunnel | |
| bl | 8 | Dst Blacklisted | |
| src_filter_total_not_match | 8 | Src Filter Not Matched on Pkt | |
| filter_action_drop | 8 | Filter Action Drop | |
| filter1_match | 8 | Filter1 Match | |
| filter_auth_fail | 8 | Filter Auth Failed | |
| exceed_drop_brate_src_pkt | 8 | Src KiBit Rate Exceeded Count | |
| src_filter1_match | 8 | Src Filter1 Match | |
| filter_action_blacklist | 8 | Filter Action Blacklist | |
| port_pkt_rate_exceed | 8 | Packet Rate Exceeded | |
| port_pkt_sent | 8 | Inbound Packets Forwarded | |
| outbound_port_rcvd | 8 | Outbound Packets Received | |
| filter5_match | 8 | Filter5 Match | |
| outbound_port_bytes | 8 | Outbound Bytes Received | |
| src_filter_auth_fail | 8 | Src Filter Auth Failed | |
| port_rcvd | 8 | Inbound Packets Received | |
| src_filter5_match | 8 | Src Filter5 Match | |
| src_filter_action_whitelist | 8 | Src Filter Action Whitelist | |
| src_drop | 8 | Src Packets Dropped | |
| port_bytes | 8 | Inbound Bytes Received | |
| frag_rcvd | 8 | Fragmented Packets Received | |
| src_filter_action_blacklist | 8 | Src Filter Action Blacklist | |
| filter2_match | 8 | Filter2 Match | |
| frag_drop | 8 | Fragmented Packets Dropped | |
| port_drop | 8 | Inbound Packets Dropped | |
| src_filter_action_drop | 8 | Src Filter Action Drop |
operational data¶
| Counter | Size | Description | |
|---|---|---|---|
| app-stat | flag | app-stat | |
| hw-blacklisted | string | hw-blacklisted | |
| all-src-ports | flag | all-src-ports | |
| all-ip-protos | flag | all-ip-protos | |
| entry-displayed-count | number | entry-displayed-count | |
| ddos_entry_list | ddos_entry_list | ||
| service-displayed-count | number | service-displayed-count | |
| all-ports | flag | all-ports | |
| sflow-source-id | flag | sflow-source-id | |
| port-protocol | string | port-protocol |