.. _ddos_dst_entry_ip_proto: ddos dst entry ip-proto ======================= DDOS IP protocol configuration ip-proto Specification ---------------------- ===================================== ============================================================================================ ===================================== ============================================================================================ **Type** *Collection* **Object Key(s)** *port-num* **Collection Name** :ref:`768_ip-proto_list` **Collection URI** /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto **Element Name** ip-proto **Element URI** /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num} **Element Attributes** ip-proto_attributes **Statistics Data URI** /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num}/stats **Operational Data URI** /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num}/oper **Schema** :download:`ip-proto schema ` ===================================== ============================================================================================ **Operations Allowed:** .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html

Operation	Method	URI	Payload
Create Object .. raw:: html	POST .. raw:: html	/axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto .. raw:: html	:ref:`768_ip-proto_attributes` .. raw:: html
Create List .. raw:: html	POST .. raw:: html	/axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto .. raw:: html	:ref:`768_ip-proto_attributes` .. raw:: html
Get Object .. raw:: html	GET .. raw:: html	/axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num} .. raw:: html	:ref:`768_ip-proto_attributes` .. raw:: html
Get List .. raw:: html	GET .. raw:: html	/axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto .. raw:: html	:ref:`768_ip-proto_list` .. raw:: html
Modify Object .. raw:: html	POST .. raw:: html	/axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num} .. raw:: html	:ref:`768_ip-proto_attributes` .. raw:: html
Replace Object .. raw:: html	PUT .. raw:: html	/axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num} .. raw:: html	:ref:`768_ip-proto_attributes` .. raw:: html
Replace List .. raw:: html	PUT .. raw:: html	/axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto .. raw:: html	:ref:`768_ip-proto_list` .. raw:: html
Delete Object .. raw:: html	DELETE .. raw:: html	/axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num} .. raw:: html	:ref:`768_ip-proto_attributes` .. raw:: html

.. _768_ip-proto_list: ip-proto-list ------------- ip-proto-list is **JSON List** of :ref:`768_ip-proto_attributes` ip-proto-list : [ { :ref:`768_ip-proto_attributes` }, { :ref:`768_ip-proto_attributes` }, ... ] .. _768_ip-proto_attributes: ip-proto attributes ------------------- **deny** **Description** Blacklist and Drop all incoming packets for protocol **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **esp-inspect** **Description:** esp-inspect is a **JSON Block**. Please see below for :ref:`768_esp-inspect` **Type:** Object **glid** **Description** Global limit ID **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Refernce Object:** :doc:`/axapi/v3/glid ` **glid-exceed-action** **Description:** glid-exceed-action is a **JSON Block**. Please see below for :ref:`768_glid-exceed-action` **Type:** Object **port-num** **Description** Protocol Number **Type:** number **Range:** 0-255 **template** **Description:** template is a **JSON Block**. Please see below for :ref:`768_template` **Type:** Object **user-tag** **Description** Customized tag **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _768_esp-inspect: esp-inspect ^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **auth-algorithm** **Description** 'AUTH_NULL': No Integrity Check Value; 'HMAC-SHA-1-96': 96 bit Auth Algo; 'HMAC-SHA-256-96': 96 bit Auth Algo; 'HMAC-SHA-256-128': 128 bit Auth Algo; 'HMAC-SHA-384-192': 192 bit Auth Algo; 'HMAC-SHA-512-256': 256 bit Auth Algo; 'HMAC-MD5-96': 96 bit Auth Algo; 'MAC-RIPEMD-160-96': 96 bit Auth Algo; **Type:** string **Supported Values:** AUTH_NULL, HMAC-SHA-1-96, HMAC-SHA-256-96, HMAC-SHA-256-128, HMAC-SHA-384-192, HMAC-SHA-512-256, HMAC-MD5-96, MAC-RIPEMD-160-96 **encrypt-algorithm** **Description** 'NULL': Null Encryption Algorithm; **Type:** string **Supported Values:** NULL **mode** **Description** 'transport': Transport mode; **Type:** string **Supported Values:** transport .. _768_template: template ^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **other** **Description** DDOS other template **Type:** string **Format:** string-rlx **Maximum Length:** 128 characters **Maximum Length:** 1 characters .. _768_glid-exceed-action: glid-exceed-action ^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **stateless-encap-action-cfg** **Description:** stateless-encap-action-cfg is a **JSON Block**. Please see below for :ref:`768_glid-exceed-action_stateless-encap-action-cfg` **Type:** Object .. _768_glid-exceed-action_stateless-encap-action-cfg: glid-exceed-action_stateless-encap-action-cfg ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **encap-template** **Description** Apply legacy encap template for encap action **Type:** string **Format:** string-rlx **Maximum Length:** 128 characters **Maximum Length:** 1 characters **Refernce Object:** :doc:`/axapi/v3/ddos/template/encap ` **stateless-encap-action** **Description** 'stateless-tunnel-encap': Encapsulate all packets; 'stateless-tunnel-encap-scrubbed': Encapsulate all packets and allow packets to go through other DDoS checks before sent (conn-limit exceeded packet can not be scrubbed, it will default to stateless-tunnel-encap); **Type:** string **Supported Values:** stateless-tunnel-encap, stateless-tunnel-encap-scrubbed .. _768_stats_other-ipproto: stats other-ipproto ------------------- .. list-table:: :widths: 10 20 30 80 :header-rows: 2 :stub-columns: 1 * - - Counter - Size - Description * - - - - * - - filter_none_match - 8 - Filter No Match * - - src_filter3_match - 8 - Src Filter3 Match * - - filter3_match - 8 - Filter3 Match * - - sflow_external_samples_packed - 8 - Sflow External Samples Packed * - - outbound_port_drop - 8 - Outbound Packets Dropped * - - src_filter2_match - 8 - Src Filter2 Match * - - sflow_external_packets_sent - 8 - Sflow External Packets Sent * - - port_bytes_drop - 8 - Inbound Bytes Dropped * - - exceed_drop_prate_src - 8 - Src Pkt Rate Exceeded * - - outbound_port_bytes_sent - 8 - Outbound Bytes Forwarded * - - dst_hw_drop - 8 - Dst Hardware Packets Dropped * - - filter_total_not_match - 8 - Filter Not Matched on Pkt * - - filter4_match - 8 - Filter4 Match * - - src_filter4_match - 8 - Src Filter4 Match * - - src_filter_action_default_pass - 8 - Src Filter Action Default Pass * - - src_filter_none_match - 8 - Src Filter No Match * - - port_bytes_sent - 8 - Inbound Bytes Forwarded * - - exceed_drop_brate_src - 8 - Src KiBit Rate Exceeded * - - src_frag_drop - 8 - Src Fragmented Packets Dropped * - - port_kbit_rate_exceed_pkt - 8 - KiBit Rate Exceeded Count * - - port_kbit_rate_exceed - 8 - KiBit Rate Exceeded * - - sflow_internal_packets_sent - 8 - Sflow Internal Packets Sent * - - sflow_internal_samples_packed - 8 - Sflow Internal Samples Packed * - - filter_action_default_pass - 8 - Filter Action Default Pass * - - filter_action_whitelist - 8 - Filter Action Whitelist * - - port_src_bl - 8 - Src Blacklisted * - - frag_timeout - 8 - Fragmented Packets Timeout * - - outbound_port_bytes_drop - 8 - Outbound Bytes Dropped * - - outbound_port_pkt_sent - 8 - Outbound Packets Forwarded * - - exceed_action_tunnel - 8 - Exceed Action: Tunnel * - - bl - 8 - Dst Blacklisted * - - src_filter_total_not_match - 8 - Src Filter Not Matched on Pkt * - - filter_action_drop - 8 - Filter Action Drop * - - filter1_match - 8 - Filter1 Match * - - filter_auth_fail - 8 - Filter Auth Failed * - - exceed_drop_brate_src_pkt - 8 - Src KiBit Rate Exceeded Count * - - src_filter1_match - 8 - Src Filter1 Match * - - filter_action_blacklist - 8 - Filter Action Blacklist * - - port_pkt_rate_exceed - 8 - Packet Rate Exceeded * - - port_pkt_sent - 8 - Inbound Packets Forwarded * - - outbound_port_rcvd - 8 - Outbound Packets Received * - - filter5_match - 8 - Filter5 Match * - - outbound_port_bytes - 8 - Outbound Bytes Received * - - src_filter_auth_fail - 8 - Src Filter Auth Failed * - - port_rcvd - 8 - Inbound Packets Received * - - src_filter5_match - 8 - Src Filter5 Match * - - src_filter_action_whitelist - 8 - Src Filter Action Whitelist * - - src_drop - 8 - Src Packets Dropped * - - port_bytes - 8 - Inbound Bytes Received * - - frag_rcvd - 8 - Fragmented Packets Received * - - src_filter_action_blacklist - 8 - Src Filter Action Blacklist * - - filter2_match - 8 - Filter2 Match * - - frag_drop - 8 - Fragmented Packets Dropped * - - port_drop - 8 - Inbound Packets Dropped * - - src_filter_action_drop - 8 - Src Filter Action Drop .. _768_oper_data: operational data ---------------- .. list-table:: :widths: 10 20 30 80 :header-rows: 2 :stub-columns: 1 * - - Counter - Size - Description * - - - - * - - app-stat - flag - app-stat * - - hw-blacklisted - string - hw-blacklisted * - - all-src-ports - flag - all-src-ports * - - all-ip-protos - flag - all-ip-protos * - - entry-displayed-count - number - entry-displayed-count * - - ddos_entry_list - - ddos_entry_list * - - service-displayed-count - number - service-displayed-count * - - all-ports - flag - all-ports * - - sflow-source-id - flag - sflow-source-id * - - port-protocol - string - port-protocol