ddos dst entry l4-type

DDOS L4 type

l4-type Specification

   
Type Collection
Object Key(s) protocol
Collection Name l4-type-list
Collection URI /axapi/v3/ddos/dst/entry/{dst-entry-name}/l4-type
Element Name l4-type
Element URI /axapi/v3/ddos/dst/entry/{dst-entry-name}/l4-type/{protocol}
Element Attributes l4-type_attributes
Statistics Data URI /axapi/v3/ddos/dst/entry/{dst-entry-name}/l4-type/{protocol}/stats
Operational Data URI /axapi/v3/ddos/dst/entry/{dst-entry-name}/l4-type/{protocol}/oper
Schema l4-type schema

Operations Allowed:

OperationMethodURIPayload

Create Object

POST

/axapi/v3/ddos/dst/entry/{dst-entry-name}/l4-type

l4-type attributes

Create List

POST

/axapi/v3/ddos/dst/entry/{dst-entry-name}/l4-type

l4-type attributes

Get Object

GET

/axapi/v3/ddos/dst/entry/{dst-entry-name}/l4-type/{protocol}

l4-type attributes

Get List

GET

/axapi/v3/ddos/dst/entry/{dst-entry-name}/l4-type

l4-type-list

Modify Object

POST

/axapi/v3/ddos/dst/entry/{dst-entry-name}/l4-type/{protocol}

l4-type attributes

Replace Object

PUT

/axapi/v3/ddos/dst/entry/{dst-entry-name}/l4-type/{protocol}

l4-type attributes

Replace List

PUT

/axapi/v3/ddos/dst/entry/{dst-entry-name}/l4-type

l4-type-list

Delete Object

DELETE

/axapi/v3/ddos/dst/entry/{dst-entry-name}/l4-type/{protocol}

l4-type attributes

l4-type-list

l4-type-list is JSON List of l4-type attributes

l4-type-list : [

l4-type attributes

deny

Description Blacklist and Drop all incoming packets for protocol

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

detection-enable

Description Enable ddos detection

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

drop-frag-pkt

Description Drop fragmented packets

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

drop-on-no-port-match

Description ‘disable’: disable; ‘enable’: enable;

Type: string

Supported Values: disable, enable

Default: enable

enable-top-k

Description Enable ddos top-k entries

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

glid

Description Global limit ID

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Refernce Object: /axapi/v3/glid

glid-exceed-action

Description: glid-exceed-action is a JSON Block. Please see below for glid-exceed-action

Type: Object

max-rexmit-syn-per-flow

Description Maximum number of re-transmit SYN per flow

Type: number

Range: 1-6

max-rexmit-syn-per-flow-exceed-action

Description ‘drop’: Drop the packet; ‘black-list’: Add the source IP into black list;

Type: string

Supported Values: drop, black-list

port-ind

Description: port-ind is a JSON Block. Please see below for port-ind

Type: Object

Refernce Object: /axapi/v3/ddos/dst/entry/{dst-entry-name}/l4-type/{protocol}/port-ind

protocol

Description ‘tcp’: L4-Type TCP; ‘udp’: L4-Type UDP; ‘icmp’: L4-Type ICMP; ‘other’: L4-Type OTHER;

Type: string

Supported Values: tcp, udp, icmp, other

stateful

Description Enable stateful tracking of sessions (Default is stateless)

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

syn-auth

Description ‘send-rst’: Send RST to client upon client ACK; ‘force-rst-by-ack’: Force client RST via the use of ACK; ‘force-rst-by-synack’: Force client RST via the use of bad SYN|ACK; ‘disable’: Disable TCP SYN Authentication;

Type: string

Supported Values: send-rst, force-rst-by-ack, force-rst-by-synack, disable

Default: send-rst

syn-cookie

Description Enable SYN Cookie

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

tcp-reset-client

Description Send reset to client when rate exceeds or session ages out

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

tcp-reset-server

Description Send reset to server when rate exceeds or session ages out

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

template

Description: template is a JSON Block. Please see below for template

Type: Object

topk-sources

Description: topk-sources is a JSON Block. Please see below for topk-sources

Type: Object

Refernce Object: /axapi/v3/ddos/dst/entry/{dst-entry-name}/l4-type/{protocol}/topk-sources

tunnel-decap

Description: tunnel-decap is a JSON Block. Please see below for tunnel-decap

Type: Object

tunnel-rate-limit

Description: tunnel-rate-limit is a JSON Block. Please see below for tunnel-rate-limit

Type: Object

undefined-port-hit-statistics

Description: undefined-port-hit-statistics is a JSON Block. Please see below for undefined-port-hit-statistics

Type: Object

user-tag

Description Customized tag

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

undefined-port-hit-statistics

Specification  
Type object

reset-interval

Description Configure port scanning counter reset interval (minutes), Default 60 mins

Type: number

Range: 1-64000

Default: 60

undefined-port-hit-statistics

Description Enable port scanning statistics

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

template

Specification  
Type object

template-icmp-v4

Description DDOS icmp-v4 template

Type: string

Format: string-rlx

Maximum Length: 128 characters

Maximum Length: 1 characters

template-icmp-v6

Description DDOS icmp-v6 template

Type: string

Format: string-rlx

Maximum Length: 128 characters

Maximum Length: 1 characters

glid-exceed-action

Specification  
Type object

stateless-encap-action-cfg

Description: stateless-encap-action-cfg is a JSON Block. Please see below for glid-exceed-action_stateless-encap-action-cfg

Type: Object

glid-exceed-action_stateless-encap-action-cfg

Specification  
Type object

encap-template

Description Apply legacy encap template for encap action

Type: string

Format: string-rlx

Maximum Length: 128 characters

Maximum Length: 1 characters

Refernce Object: /axapi/v3/ddos/template/encap

stateless-encap-action

Description ‘stateless-tunnel-encap’: Encapsulate all packets; ‘stateless-tunnel-encap-scrubbed’: Encapsulate all packets and allow packets to go through other DDoS checks before sent (conn-limit exceeded packet can not be scrubbed, it will default to stateless-tunnel-encap);

Type: string

Supported Values: stateless-tunnel-encap, stateless-tunnel-encap-scrubbed

tunnel-decap

Specification  
Type object

gre-decap

Description Enable GRE Tunnel decapsulation

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ip-decap

Description Enable IP Tunnel decapsulation

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

key-cfg

Type: List

tunnel-decap_key-cfg

Specification  
Type list
Block object keys  

key

Description Only decapsulate GRE packet with this key (Hexadecimal 0x0-0xFFFFFFFF,decimal 0-4294967295)

Type: string

Maximum Length: 10 characters

Maximum Length: 1 characters

port-ind

Specification  
Type object

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

topk-sources

Specification  
Type object

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

tunnel-rate-limit

Specification  
Type object

gre-rate-limit

Description Enable inner IP rate limiting on GRE traffic

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ip-rate-limit

Description Enable inner IP rate limiting on IPinIP traffic

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

stats l4type-icmp

  Counter Size Description
       
  port_src_bl 8 Src Blacklisted
  outbound_port_drop 8 Outbound Packets Dropped
  rate_type2_exceed_drop 8 ICMP Type Dst Rate 3 Dropped
  port_bytes_drop 8 Inbound Bytes Dropped
  rate_type2_exceed_bl 8 ICMP Type Dst Rate 3 Blacklisted
  outbound_port_bytes_sent 8 Outbound Bytes Forwarded
  dst_hw_drop 8 Dst Hardware Packets Dropped
  port_pkt_rate_exceed 8 Packet Rate Exceeded
  port_kbit_rate_exceed_pkt 8 KiBit Rate Exceeded Count
  icmpv6_rfc_undef_drop 8 ICMPv6 RFC Undef Type Dropped
  rate_type1_exceed 8 ICMP Type Dst Rate 2 Exceeded
  port_pkt_sent 8 Inbound Packets Forwarded
  port_bytes_sent 8 Inbound Bytes Forwarded
  exceed_drop_brate_src 8 Src KiBit Rate Exceeded
  rate_type0_exceed_drop 8 ICMP Type Dst Rate 1 Dropped
  rate_type1_exceed_bl 8 ICMP Type Dst Rate 2 Blacklisted
  rate_type2_exceed 8 ICMP Type Dst Rate 3 Exceeded
  port_kbit_rate_exceed 8 KiBit Rate Exceeded
  sflow_internal_packets_sent 8 Sflow Internal Packets Sent
  sflow_internal_samples_packed 8 Sflow Internal Samples Packed
  rate_type0_exceed 8 ICMP Type Dst Rate 1 Exceeded
  type 8 ICMP Type
  frag_rcvd 8 Fragmented Packets Received
  wildcard_bl 8 ICMP Type Wildcard Blacklisted
  icmpv4_rfc_undef_drop 8 ICMPv4 RFC Undef Type Dropped
  outbound_port_bytes_drop 8 Outbound Bytes Dropped
  outbound_port_pkt_sent 8 Outbound Packets Forwarded
  exceed_action_tunnel 8 Exceed Action: Tunnel
  bl 8 Dst Blacklisted
  rate_type1_exceed_drop 8 ICMP Type Dst Rate 2 Dropped
  exceed_drop_brate_src_pkt 8 Src KiBit Rate Exceeded Count
  type_deny_drop 8 ICMP Type Dropped
  wildcard_deny_drop 8 ICMP Type Wildcard Dropped
  outbound_port_rcvd 8 Outbound Packets Received
  outbound_port_bytes 8 Outbound Bytes Received
  exceed_drop_prate_src 8 Src Pkt Rate Exceeded
  port_rcvd 8 Inbound Packets Received
  sflow_external_samples_packed 8 Sflow External Samples Packed
  sflow_external_packets_sent 8 Sflow External Packets Sent
  src_drop 8 Src Packets Dropped
  port_bytes 8 Inbound Bytes Received
  frag_timeout 8 Fragmented Packets Timeout
  wildcard 8 ICMP Type Wildcard
  frag_drop 8 Fragmented Packets Dropped
  port_drop 8 Inbound Packets Dropped
  rate_type0_exceed_bl 8 ICMP Type Dst Rate 1 Blacklisted
  src_frag_drop 8 Src Fragmented Packets Dropped
  type_bl 8 ICMP Type Blacklisted

stats other-ipproto

  Counter Size Description
       
  filter_none_match 8 Filter No Match
  src_filter3_match 8 Src Filter3 Match
  filter3_match 8 Filter3 Match
  sflow_external_samples_packed 8 Sflow External Samples Packed
  outbound_port_drop 8 Outbound Packets Dropped
  src_filter2_match 8 Src Filter2 Match
  sflow_external_packets_sent 8 Sflow External Packets Sent
  port_bytes_drop 8 Inbound Bytes Dropped
  exceed_drop_prate_src 8 Src Pkt Rate Exceeded
  outbound_port_bytes_sent 8 Outbound Bytes Forwarded
  dst_hw_drop 8 Dst Hardware Packets Dropped
  filter_total_not_match 8 Filter Not Matched on Pkt
  filter4_match 8 Filter4 Match
  src_filter4_match 8 Src Filter4 Match
  src_filter_action_default_pass 8 Src Filter Action Default Pass
  src_filter_none_match 8 Src Filter No Match
  port_bytes_sent 8 Inbound Bytes Forwarded
  exceed_drop_brate_src 8 Src KiBit Rate Exceeded
  src_frag_drop 8 Src Fragmented Packets Dropped
  port_kbit_rate_exceed_pkt 8 KiBit Rate Exceeded Count
  port_kbit_rate_exceed 8 KiBit Rate Exceeded
  sflow_internal_packets_sent 8 Sflow Internal Packets Sent
  sflow_internal_samples_packed 8 Sflow Internal Samples Packed
  filter_action_default_pass 8 Filter Action Default Pass
  filter_action_whitelist 8 Filter Action Whitelist
  port_src_bl 8 Src Blacklisted
  frag_timeout 8 Fragmented Packets Timeout
  outbound_port_bytes_drop 8 Outbound Bytes Dropped
  outbound_port_pkt_sent 8 Outbound Packets Forwarded
  exceed_action_tunnel 8 Exceed Action: Tunnel
  bl 8 Dst Blacklisted
  src_filter_total_not_match 8 Src Filter Not Matched on Pkt
  filter_action_drop 8 Filter Action Drop
  filter1_match 8 Filter1 Match
  filter_auth_fail 8 Filter Auth Failed
  exceed_drop_brate_src_pkt 8 Src KiBit Rate Exceeded Count
  src_filter1_match 8 Src Filter1 Match
  filter_action_blacklist 8 Filter Action Blacklist
  port_pkt_rate_exceed 8 Packet Rate Exceeded
  port_pkt_sent 8 Inbound Packets Forwarded
  outbound_port_rcvd 8 Outbound Packets Received
  filter5_match 8 Filter5 Match
  outbound_port_bytes 8 Outbound Bytes Received
  src_filter_auth_fail 8 Src Filter Auth Failed
  port_rcvd 8 Inbound Packets Received
  src_filter5_match 8 Src Filter5 Match
  src_filter_action_whitelist 8 Src Filter Action Whitelist
  src_drop 8 Src Packets Dropped
  port_bytes 8 Inbound Bytes Received
  frag_rcvd 8 Fragmented Packets Received
  src_filter_action_blacklist 8 Src Filter Action Blacklist
  filter2_match 8 Filter2 Match
  frag_drop 8 Fragmented Packets Dropped
  port_drop 8 Inbound Packets Dropped
  src_filter_action_drop 8 Src Filter Action Drop

stats tcp-port

  Counter Size Description
       
  src_ack_auth_fail 8 Src ACK Retry Dropped
  src_well_known_port 8 Src TCP SrcPort Wellknown
  tcp_rexmit_syn_limit_drop 8 TCP SYN Retransmit Exceeded Drop
  outbound_port_bytes_sent 8 Outbound Bytes Forwarded
  filter_total_not_match 8 Filter Not Matched on Pkt
  src_ack_retry_gap_drop 8 Src ACK Retry Retry-Gap Dropped
  filter4_match 8 Filter4 Match
  src_create_conn_non_syn_dropped 8 Src Create Conn with non-SYN Packets Dropped
  sess_aged 8 Sessions Aged Out
  tcp_auth_resp 8 TCP Auth Responded
  pattern_filter1_match 8 Extracted Filter1 Match
  conn_close 8 Connections Closed
  syn_auth_fail 8 SYN Auth Failed
  pattern_filter2_match 8 Extracted Filter2 Match
  syn_retry_init 8 SYN Retry Init
  pattern_filter5_match 8 Extracted Filter5 Match
  wellknown_sport_drop 8 TCP SrcPort Wellknown
  src_filter_total_not_match 8 Src Filter Not Matched on Pkt
  port_syn_rate_exceed 8 TCP SYN Rate Exceeded
  conn_rexmit_rate_excd 8 TCP Conn Retransmit Rate Exceeded
  outbound_port_bytes 8 Outbound Bytes Received
  out_of_seq_excd 8 Out-Of-Seq Exceeded
  conn_close_w_rst 8 RST Connections Closed
  sflow_external_packets_sent 8 Sflow External Packets Sent
  dst_hw_drop 8 Dst Hardware Packets Dropped
  filter_action_default_pass 8 Filter Action Default Pass
  src_ack_retry_rto_progress 8 Src ACK Retry RTO Progress
  src_filter_action_blacklist 8 Src Filter Action Blacklist
  src_retransmit_excd 8 Src Retransmit Exceeded
  pattern_filter3_match 8 Extracted Filter3 Match
  tcp_rexmit_syn_limit_bl 8 TCP SYN Retransmit Exceeded Blacklist
  src_ack_retry_timeout 8 Src ACK Retry Timeout
  src_filter5_match 8 Src Filter5 Match
  outbound_port_drop 8 Outbound Packets Dropped
  filter5_match 8 Filter5 Match
  tcp_auth_drop 8 TCP Auth Dropped
  src_filter4_match 8 Src Filter4 Match
  src_filter_action_default_pass 8 Src Filter Action Default Pass
  syn_cookie_fail 8 SYN Cookie Failed
  src_syn_retry_rto_fail 8 Src SYN Retry RTO Dropped
  syn_retry_rto_progress 8 SYN Retry RTO Progress
  src_conn_rexmit_rate_excd 8 Src TCP Conn Retransmit Rate Exceeded
  src_out_of_seq_excd 8 Src Out-Of-Seq Exceeded
  rst_cookie_fail 8 RST Cookie Failed
  ack_retry_rto_fail 8 ACK Retry RTO Dropped
  sflow_internal_packets_sent 8 Sflow Internal Packets Sent
  frag_rcvd 8 Fragmented Packets Received
  src_syn_retry_init 8 Src SYN Retry Init
  outbound_port_bytes_drop 8 Outbound Bytes Dropped
  syn_retry_rto_pass 8 SYN Retry RTO Passed
  exceed_action_tunnel 8 Exceed Action: Tunnel
  bl 8 Dst Blacklisted
  filter1_match 8 Filter1 Match
  port_bytes 8 Inbound Bytes Received
  sess_create_inbound 8 Inbound Sessions Created
  filter_auth_fail 8 Filter Auth Failed
  conn_create_from_syn 8 Connections Created From SYN
  exceed_drop_brate_src_pkt 8 Src KiBit Rate Exceeded Count
  src_filter1_match 8 Src Filter1 Match
  src_zero_window_excd 8 Src Zero-Window Exceeded
  pattern_filter4_match 8 Extracted Filter4 Match
  ack_auth_fail 8 ACK Retry Dropped
  sflow_external_samples_packed 8 Sflow External Samples Packed
  src_drop 8 Src Packets Dropped
  syn_retry_blacklist 8 SYN Retry Timeout Blacklisted
  synack_reset_sent 8 SYNACK Reset Sent
  pattern_recognition_pattern_changed 8 Pattern Recognition: Pattern Change Detected
  src_conn_ofo_rate_excd 8 Src TCP Conn Out-Of-Seq Rate Exceeded
  syn_retry_gap_drop 8 SYN Retry-Gap Dropped
  conn_create_from_ack 8 Connections Created From ACK
  filter_none_match 8 Filter No Match
  src_filter3_match 8 Src Filter3 Match
  src_syn_retry_gap_drop 8 Src SYN Retry-Gap Dropped
  syn_drop 8 SYN Dropped
  src_syn_rate_exceed 8 Src TCP SYN Rate Exceeded
  port_conn_rate_exceed 8 Conn Rate Exceeded
  src_syn_retry_timeout 8 Src SYN Retry Timeout
  src_filter_none_match 8 Src Filter No Match
  port_kbit_rate_exceed_pkt 8 KiBit Rate Exceeded Count
  unauth_drop 8 TCP Unauth Dropped
  src_syn_cookie_sent 8 Src SYN Cookie Sent
  port_bytes_sent 8 Inbound Bytes Forwarded
  exceed_drop_brate_src 8 Src KiBit Rate Exceeded
  ack_retry_timeout 8 ACK Retry Timeout
  src_frag_drop 8 Src Fragmented Packets Dropped
  syn_retry_timeout 8 SYN Retry Timeout
  syn_tfo_rcv 8 SYN TFO Received
  port_kbit_rate_exceed 8 KiBit Rate Exceeded
  src_unauth_drop 8 Src TCP Unauth Dropped
  filter_action_whitelist 8 Filter Action WL
  src_conn_pkt_rate_excd 8 Src TCP Conn Pkt Rate Exceeded
  port_src_bl 8 Src Blacklisted
  frag_timeout 8 Fragmented Packets Timeout
  outbound_port_pkt_sent 8 Outbound Packets Forwarded
  sess_create_outbound 8 Outbound Sessions Created
  pattern_filter_drop 8 Extracted Filter Drop
  conn_close_w_fin 8 FIN Connections Closed
  src_syn_retry_blacklist 8 Src SYN Retry Timeout Blacklisted
  src_ack_retry_rto_pass 8 Src ACK Retry RTO Passed
  src_conn_zwindow_rate_excd 8 Src TCP Conn Zero-Window Rate Exceeded
  src_ack_retry_init 8 Src ACK Retry Init
  ack_retry_blacklist 8 ACK Retry Timeout Blacklisted
  filter_action_blacklist 8 Filter Action Blacklist
  port_pkt_sent 8 Inbound Packets Forwarded
  syn_auth_pass 8 SYN Auth Passed
  syn_retry_rto_fail 8 SYN Retry RTO Dropped
  syn_cookie_sent 8 SYN Cookie Sent
  retransmit_excd 8 Retransmit Exceeded
  src_syn_auth_fail 8 Src SYN Auth Failed
  src_filter_action_whitelist 8 Src Filter Action WL
  zero_window_excd 8 Zero-Window Exceeded
  src_ack_retry_reset 8 Src ACK Retry Timeout Reset
  conn_ofo_rate_excd 8 TCP Conn Out-Of-Seq Rate Exceeded
  filter2_match 8 Filter2 Match
  src_ack_retry_blacklist 8 Src ACK Retry Timeout Blacklisted
  frag_drop 8 Fragmented Packets Dropped
  pattern_not_found 8 Pattern Recognitoin: Pattern Not Found
  syn_retry_reset 8 SYN Retry Timeout Reset
  port_conn_limm_exceed 8 Conn Limit Exceeded
  filter3_match 8 Filter3 Match
  exceed_drop_climit_src 8 Src Conn Limit Exceeded
  conn_close_w_idle 8 Idle Connections Closed
  src_filter2_match 8 Src Filter2 Match
  sess_create 8 Session Create
  port_bytes_drop 8 Inbound Bytes Dropped
  exceed_drop_prate_src 8 Src Pkt Rate Exceeded
  ack_retry_pass 8 ACK Retry Passed
  pattern_recognition_generic_error 8 Pattern Recognition: Exceptions
  ack_retry_reset 8 ACK Retry Timeout Reset
  src_syn_cookie_fail 8 Src SYN Cookie Failed
  syn_retry_failed 8 SYN Retry Dropped
  pattern_recognition_sampling_started 8 Pattern Recognition: Sampling Started
  ack_retry_init 8 ACK Retry Init
  sflow_internal_samples_packed 8 Sflow Internal Samples Packed
  ack_retry_gap_drop 8 ACK Retry Retry-Gap Dropped
  create_conn_non_syn_dropped 8 Create Conn with non-SYN Packets Dropped
  syn_retry_pass 8 SYN Retry Passed
  src_syn_retry_failed 8 Src SYN Retry Dropped
  filter_action_drop 8 Filter Action Drop
  src_ack_retry_rto_fail 8 Src ACK Retry RTO Dropped
  conn_zwindow_rate_excd 8 TCP Conn Zero-Window Rate Exceeded
  ack_retry_rto_progress 8 ACK Retry RTO Progress
  port_pkt_rate_exceed 8 Packet Rate Exceeded
  pattern_recognition_proceeded 8 Pattern Recognition: Engine Started
  port_drop 8 Inbound Packets Dropped
  ack_retry_rto_pass 8 ACK Retry RTO Passed
  outbound_port_rcvd 8 Outbound Packets Received
  src_filter_auth_fail 8 Src Filter Auth Failed
  src_syn_retry_rto_pass 8 Src SYN Retry RTO Passed
  src_syn_retry_reset 8 Src SYN Retry Timeout Reset
  port_rcvd 8 Inbound Packets Received
  conn_close_half_open 8 Half Open Connections Closed
  synack_multiple_attempts_per_ip_detected 8 SYNACK Multiple Attempts Per IP Detected
  src_syn_retry_rto_progress 8 Src SYN Retry RTO Progress
  conn_prate_excd 8 TCP Conn Pkt Rate Exceeded
  exceed_drop_crate_src 8 Src Conn Rate Exceeded
  src_rst_cookie_fail 8 Src RST Cookie Failed
  src_auth_drop 8 Src TCP Auth Dropped
  src_filter_action_drop 8 Src Filter Action Drop

stats udp-port

  Counter Size Description
       
  pattern_filter5_match 8 Extracted Filter5 Match
  outbound_port_bytes_sent 8 Outbound Bytes Forwarded
  src_udp_retry_gap_drop 8 Src UDP Retry-Gap Dropped
  filter4_match 8 Filter4 Match
  spoof_detect_fail 8 UDP Retry Timeout
  sess_aged 8 Sessions Aged Out
  pattern_filter4_match 8 Extracted Filter4 Match
  pattern_filter1_match 8 Extracted Filter1 Match
  pattern_filter2_match 8 Extracted Filter2 Match
  wellknown_sport_drop 8 UDP SrcPort Wellknown
  src_filter_total_not_match 8 Src Filter Not Matched on Pkt
  src_udp_retry_init 8 Src UDP Retry Init
  src_payload_too_small 8 Src UDP Payload Too Small
  src_udp_retry_pass 8 Src UDP Retry Passed
  udp_retry_init 8 UDP Retry Init
  outbound_port_bytes 8 Outbound Bytes Received
  src_filter5_match 8 Src Filter5 Match
  sflow_external_packets_sent 8 Sflow External Packets Sent
  dst_hw_drop 8 Dst Hardware Packets Dropped
  port_bytes 8 Inbound Bytes Received
  frag_rcvd 8 Fragmented Packets Received
  src_filter_action_blacklist 8 Src Filter Action Blacklist
  pattern_filter3_match 8 Extracted Filter3 Match
  outbound_port_drop 8 Outbound Packets Dropped
  filter5_match 8 Filter5 Match
  src_filter4_match 8 Src Filter4 Match
  src_filter_action_default_pass 8 Src Filter Action Default Pass
  filter_total_not_match 8 Filter Not Matched on Pkt
  sflow_internal_packets_sent 8 Sflow Internal Packets Sent
  payload_too_small 8 UDP Payload Too Small
  src_payload_too_big 8 Src UDP Payload Too Large
  outbound_port_bytes_drop 8 Outbound Bytes Dropped
  exceed_action_tunnel 8 Exceed Action: Tunnel
  bl 8 Dst Blacklisted
  filter1_match 8 Filter1 Match
  ntp_monlist_resp 8 NTP Monlist Response
  sess_create_inbound 8 Inbound Sessions Created
  filter_auth_fail 8 Filter Auth Failed
  exceed_drop_brate_src_pkt 8 Src KiBit Rate Exceeded Count
  src_filter1_match 8 Src Filter1 Match
  udp_retry_pass 8 UDP Retry Passed
  src_udp_auth_drop 8 Src UDP Auth Dropped
  sflow_external_samples_packed 8 Sflow External Samples Packed
  src_drop 8 Src Packets Dropped
  pattern_recognition_pattern_changed 8 Pattern Recognition: Pattern Change Detected
  port_drop 8 Inbound Packets Dropped
  filter_none_match 8 Filter No Match
  src_filter3_match 8 Src Filter3 Match
  ntp_monlist_req 8 NTP Monlist Request
  payload_too_big 8 UDP Payload Too Large
  port_conn_rate_exceed 8 Conn Rate Exceeded
  src_filter_none_match 8 Src Filter No Match
  port_kbit_rate_exceed_pkt 8 KiBit Rate Exceeded Count
  port_bytes_sent 8 Inbound Bytes Forwarded
  exceed_drop_brate_src 8 Src KiBit Rate Exceeded
  src_frag_drop 8 Src Fragmented Packets Dropped
  port_kbit_rate_exceed 8 KiBit Rate Exceeded
  udp_retry_gap_drop 8 UDP Retry-Gap Dropped
  filter_action_whitelist 8 Filter Action Whitelist
  src_conn_pkt_rate_excd 8 Src UDP Conn Pkt Rate Exceeded
  port_src_bl 8 Src Blacklisted
  outbound_port_rcvd 8 Outbound Packets Received
  outbound_port_pkt_sent 8 Outbound Packets Forwarded
  sess_create_outbound 8 Outbound Sessions Created
  pattern_filter_drop 8 Extracted Filter Drop
  pattern_recognition_proceeded 8 Pattern Recognition: Engine Started
  src_well_known_port 8 Src UDP SrcPort Wellknown
  filter_action_blacklist 8 Filter Action Blacklist
  port_pkt_sent 8 Inbound Packets Forwarded
  src_filter_action_whitelist 8 Src Filter Action Whitelist
  filter2_match 8 Filter2 Match
  frag_drop 8 Fragmented Packets Dropped
  pattern_not_found 8 Pattern Recognition: Pattern Not Found
  port_conn_limm_exceed 8 Conn Limit Exceeded
  filter3_match 8 Filter3 Match
  src_ntp_monlist_resp 8 Src NTP Monlist Response
  src_filter2_match 8 Src Filter2 Match
  sess_create 8 Session Create
  port_bytes_drop 8 Inbound Bytes Dropped
  exceed_drop_prate_src 8 Src Pkt Rate Exceeded
  exceed_drop_climit_src 8 Src Conn Limit Exceeded
  udp_auth_drop 8 UDP Auth Dropped
  pattern_recognition_generic_error 8 Pattern Recognition: Exceptions
  src_ntp_monlist_req 8 Src NTP Monlist Request
  pattern_recognition_sampling_started 8 Pattern Recognition: Sampling Started
  sflow_internal_samples_packed 8 Sflow Internal Samples Packed
  filter_action_default_pass 8 Filter Action Default Pass
  filter_action_drop 8 Filter Action Drop
  port_pkt_rate_exceed 8 Packet Rate Exceeded
  frag_timeout 8 Fragmented Packets Timeout
  src_filter_auth_fail 8 Src Filter Auth Failed
  port_rcvd 8 Inbound Packets Received
  conn_prate_excd 8 UDP Conn Pkt Rate Exceeded
  exceed_drop_crate_src 8 Src Conn Rate Exceeded
  src_filter_action_drop 8 Src Filter Action Drop
  src_udp_auth_timeout 8 Src UDP Retry Timeout

operational data

  Counter Size Description
       
  hw-blacklisted string hw-blacklisted
  entry-displayed-count number entry-displayed-count
  all-l4-types flag all-l4-types
  ddos_entry_list   ddos_entry_list
  service-displayed-count number service-displayed-count
  undefined-stats-port-num number undefined-stats-port-num
  undefined-port-hit-stats-wellknown   undefined-port-hit-stats-wellknown
  undefined-port-hit-stats-non-wellknown   undefined-port-hit-stats-non-wellknown
  undefined-port-hit-statistics flag undefined-port-hit-statistics