ddos dst entry ip-proto¶
DDOS IP protocol configuration
ip-proto Specification¶
Type
Collection
Object Key(s)
port-num
Collection Name
Collection URI
/axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto
Element Name
ip-proto
Element URI
/axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num}
Element Attributes
ip-proto_attributes
Statistics Data URI
/axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num}/stats
Operational Data URI
/axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num}/oper
Schema
Operations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Create Object | POST | /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto | ||
Create List | POST | /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto | ||
Get Object | GET | /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num} | ||
Get List | GET | /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto | ||
Modify Object | POST | /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num} | ||
Replace Object | PUT | /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num} | ||
Replace List | PUT | /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto | ||
Delete Object | DELETE | /axapi/v3/ddos/dst/entry/{dst-entry-name}/ip-proto/{port-num} |
ip-proto-list¶
ip-proto-list is JSON List of ip-proto attributes
ip-proto-list : [
]
ip-proto attributes¶
deny
Description Blacklist and Drop all incoming packets for protocol
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
esp-inspect
Description: esp-inspect is a JSON Block. Please see below for esp-inspect
Type: Object
glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/glid
glid-exceed-action
Description: glid-exceed-action is a JSON Block. Please see below for glid-exceed-action
Type: Object
port-num
Description Protocol Number
Type: number
Range: 0-255
set-counter-base-val
Description Set T2 counter value of current context to specified value
Type: number
Range: 1-4294967295
template
Description: template is a JSON Block. Please see below for template
Type: Object
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
esp-inspect¶
Specification
Type
object
auth-algorithm
Description ‘AUTH_NULL’: No Integrity Check Value; ‘HMAC-SHA-1-96’: 96 bit Auth Algo; ‘HMAC-SHA-256-96’: 96 bit Auth Algo; ‘HMAC-SHA-256-128’: 128 bit Auth Algo; ‘HMAC-SHA-384-192’: 192 bit Auth Algo; ‘HMAC-SHA-512-256’: 256 bit Auth Algo; ‘HMAC-MD5-96’: 96 bit Auth Algo; ‘MAC-RIPEMD-160-96’: 96 bit Auth Algo;
Type: string
Supported Values: AUTH_NULL, HMAC-SHA-1-96, HMAC-SHA-256-96, HMAC-SHA-256-128, HMAC-SHA-384-192, HMAC-SHA-512-256, HMAC-MD5-96, MAC-RIPEMD-160-96
encrypt-algorithm
Description ‘NULL’: Null Encryption Algorithm;
Type: string
Supported Values: NULL
mode
Description ‘transport’: Transport mode;
Type: string
Supported Values: transport
template¶
Specification
Type
object
other
Description DDOS other template
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
glid-exceed-action¶
Specification
Type
object
stateless-encap-action-cfg
Description: stateless-encap-action-cfg is a JSON Block. Please see below for glid-exceed-action_stateless-encap-action-cfg
Type: Object
glid-exceed-action_stateless-encap-action-cfg¶
Specification
Type
object
encap-template
Description Apply legacy encap template for encap action
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/ddos/template/encap
stateless-encap-action
Description ‘stateless-tunnel-encap’: Encapsulate all packets; ‘stateless-tunnel-encap-scrubbed’: Encapsulate all packets and allow packets to go through other DDoS checks before sent (conn-limit exceeded packet can not be scrubbed, it will default to stateless-tunnel-encap);
Type: string
Supported Values: stateless-tunnel-encap, stateless-tunnel-encap-scrubbed
stats other-ipproto¶
Counter |
Size |
Description |
|
|---|---|---|---|
filter_none_match |
8 |
Filter No Match |
|
src_filter3_match |
8 |
Src Filter3 Match |
|
filter3_match |
8 |
Filter3 Match |
|
sflow_external_samples_packed |
8 |
Sflow External Samples Packed |
|
outbound_port_drop |
8 |
Outbound Packets Dropped |
|
src_filter2_match |
8 |
Src Filter2 Match |
|
sflow_external_packets_sent |
8 |
Sflow External Packets Sent |
|
port_bytes_drop |
8 |
Inbound Bytes Dropped |
|
exceed_drop_prate_src |
8 |
Src Pkt Rate Exceeded |
|
outbound_port_bytes_sent |
8 |
Outbound Bytes Forwarded |
|
dst_hw_drop |
8 |
Dst Hardware Packets Dropped |
|
filter_total_not_match |
8 |
Filter Not Matched on Pkt |
|
filter4_match |
8 |
Filter4 Match |
|
src_filter4_match |
8 |
Src Filter4 Match |
|
src_filter_action_default_pass |
8 |
Src Filter Action Default Pass |
|
src_filter_none_match |
8 |
Src Filter No Match |
|
port_bytes_sent |
8 |
Inbound Bytes Forwarded |
|
exceed_drop_brate_src |
8 |
Src KiBit Rate Exceeded |
|
src_frag_drop |
8 |
Src Fragmented Packets Dropped |
|
port_kbit_rate_exceed_pkt |
8 |
KiBit Rate Exceeded Count |
|
port_kbit_rate_exceed |
8 |
KiBit Rate Exceeded |
|
sflow_internal_packets_sent |
8 |
Sflow Internal Packets Sent |
|
sflow_internal_samples_packed |
8 |
Sflow Internal Samples Packed |
|
filter_action_default_pass |
8 |
Filter Action Default Pass |
|
filter_action_whitelist |
8 |
Filter Action Whitelist |
|
port_src_bl |
8 |
Src Blacklisted |
|
frag_timeout |
8 |
Fragmented Packets Timeout |
|
outbound_port_bytes_drop |
8 |
Outbound Bytes Dropped |
|
outbound_port_pkt_sent |
8 |
Outbound Packets Forwarded |
|
exceed_action_tunnel |
8 |
Exceed Action: Tunnel |
|
bl |
8 |
Dst Blacklisted |
|
src_filter_total_not_match |
8 |
Src Filter Not Matched on Pkt |
|
filter_action_drop |
8 |
Filter Action Drop |
|
filter1_match |
8 |
Filter1 Match |
|
filter_auth_fail |
8 |
Filter Auth Failed |
|
exceed_drop_brate_src_pkt |
8 |
Src KiBit Rate Exceeded Count |
|
src_filter1_match |
8 |
Src Filter1 Match |
|
filter_action_blacklist |
8 |
Filter Action Blacklist |
|
port_pkt_rate_exceed |
8 |
Packet Rate Exceeded |
|
port_pkt_sent |
8 |
Inbound Packets Forwarded |
|
outbound_port_rcvd |
8 |
Outbound Packets Received |
|
filter5_match |
8 |
Filter5 Match |
|
outbound_port_bytes |
8 |
Outbound Bytes Received |
|
src_filter_auth_fail |
8 |
Src Filter Auth Failed |
|
port_rcvd |
8 |
Inbound Packets Received |
|
src_filter5_match |
8 |
Src Filter5 Match |
|
src_filter_action_whitelist |
8 |
Src Filter Action Whitelist |
|
src_drop |
8 |
Src Packets Dropped |
|
port_bytes |
8 |
Inbound Bytes Received |
|
frag_rcvd |
8 |
Fragmented Packets Received |
|
src_filter_action_blacklist |
8 |
Src Filter Action Blacklist |
|
filter2_match |
8 |
Filter2 Match |
|
frag_drop |
8 |
Fragmented Packets Dropped |
|
port_drop |
8 |
Inbound Packets Dropped |
|
src_filter_action_drop |
8 |
Src Filter Action Drop |
operational data¶
Counter |
Size |
Description |
|
|---|---|---|---|
app-stat |
flag |
app-stat |
|
hw-blacklisted |
string |
hw-blacklisted |
|
all-src-ports |
flag |
all-src-ports |
|
all-ip-protos |
flag |
all-ip-protos |
|
entry-displayed-count |
number |
entry-displayed-count |
|
ddos_entry_list |
ddos_entry_list |
||
service-displayed-count |
number |
service-displayed-count |
|
all-ports |
flag |
all-ports |
|
domain-name |
string |
domain-name |
|
sflow-source-id |
flag |
sflow-source-id |
|
port-protocol |
string |
port-protocol |
|
suffix-request-rate |
flag |
suffix-request-rate |