ddos dst zone port zone-service-other¶
DDOS Port & Protocol configuration
zone-service-other Specification¶
Type
Collection
Object Key(s)
port-other, protocol
Collection Name
Collection URI
/axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other
Element Name
zone-service-other
Element URI
/axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}
Element Attributes
zone-service-other_attributes
Statistics Data URI
/axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}/stats
Operational Data URI
/axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}/oper
Schema
Operations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Create Object | POST | /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other | ||
Create List | POST | /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other | ||
Get Object | GET | /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol} | ||
Get List | GET | /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other | ||
Modify Object | POST | /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol} | ||
Replace Object | PUT | /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol} | ||
Replace List | PUT | /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other | ||
Delete Object | DELETE | /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol} |
zone-service-other-list¶
zone-service-other-list is JSON List of zone-service-other attributes
zone-service-other-list : [
]
zone-service-other attributes¶
age
Description Idle age for ip entry
Type: number
Range: 2-1023
Default: 5
apply-policy-on-overflow
Description Enable this flag to apply overflow policy when dynamic entry count overflows
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
default-action-list
Description Configure default-action-list
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/ddos/action-list
deny
Description Blacklist and Drop all incoming packets for protocol
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
dynamic-entry-overflow-policy-list
enable-class-list-overflow
Description Apply class-list overflow policy upon exceeding dynamic entry count specified for this zone port or each class-list
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
enable-top-k
Description Enable ddos top-k source IP detection
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
enable-top-k-destination
Description Enable ddos top-k destination IP detection
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
glid-cfg
Description: glid-cfg is a JSON Block. Please see below for glid-cfg
Type: Object
level-list
Type: List
Refernce Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}/level/{level-num}
manual-mode-enable
Description Toggle manual mode to use fix templates
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
manual-mode-list
Type: List
Refernce Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}/manual-mode/{config}
max-dynamic-entry-count
Description Maximum count for dynamic source zone service entry
Type: number
Range: 0-2147483647
outbound-only
Description Only allow outbound traffic
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
pattern-recognition
Description: pattern-recognition is a JSON Block. Please see below for pattern-recognition
Type: Object
Refernce Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}/pattern-recognition
pattern-recognition-pu-details
Description: pattern-recognition-pu-details is a JSON Block. Please see below for pattern-recognition-pu-details
Type: Object
Refernce Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}/pattern-recognition-pu-details
port-ind
Description: port-ind is a JSON Block. Please see below for port-ind
Type: Object
Refernce Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}/port-ind
port-other
Description ‘other’: other;
Type: string
Supported Values: other
protocol
Description ‘tcp’: TCP Port; ‘udp’: UDP Port;
Type: string
Supported Values: tcp, udp
set-counter-base-val
Description Set T2 counter value of current context to specified value
Type: number
Range: 1-4294967295
sflow-common
Description Enable all sFlow polling options under this zone port
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: sflow-commonsflow-packets, sflow-tcp-basic and sflow-tcp-stateful are mutually exclusive
sflow-packets
Description Enable sFlow packet-level counter polling
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: sflow-packets and sflow-common are mutually exclusive
sflow-tcp
Description: sflow-tcp is a JSON Block. Please see below for sflow-tcp
Type: Object
src-based-policy-list
stateful
Description Enable stateful tracking of sessions (Default is stateless)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
topk-destinations
Description: topk-destinations is a JSON Block. Please see below for topk-destinations
Type: Object
Refernce Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}/topk-destinations
topk-dst-num-records
Description Maximum number of records to show in topk
Type: number
Range: 1-100
Default: 20
topk-num-records
Description Maximum number of records to show in topk
Type: number
Range: 1-100
Default: 20
topk-sources
Description: topk-sources is a JSON Block. Please see below for topk-sources
Type: Object
Refernce Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}/topk-sources
unlimited-dynamic-entry-count
Description No limit for maximum dynamic src entry count
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
pattern-recognition¶
Specification
Type
object
algorithm
Description ‘heuristic’: heuristic algorithm;
Type: string
Supported Values: heuristic
capture-traffic
Description ‘all’: Capture all packets; ‘dropped’: Capture dropped packets (default);
Type: string
Supported Values: all, dropped
filter-inactive-threshold
Description Extracted filter inactive threshold
Type: number
Range: 5-255
filter-threshold
Description Extracted filter threshold
Type: number
Range: 0-100
mode
Description ‘capture-never-expire’: War-time capture without rate exceeding and never expires; ‘manual’: Manual mode;
Type: string
Supported Values: capture-never-expire, manual
sensitivity
Description ‘high’: High Sensitivity; ‘medium’: Medium Sensitivity; ‘low’: Low Sensitivity;
Type: string
Supported Values: high, medium, low
triggered-by
Description ‘zone-escalation’: Zone escalation trigger pattern recognition; ‘packet-rate-exceeds’: Packet rate limit exceeds trigger pattern recognition (default);
Type: string
Supported Values: zone-escalation, packet-rate-exceeds
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
dynamic-entry-overflow-policy-list¶
Specification
Type
list
Block object keys
action
Description ‘bypass’: Always permit for the Source to bypass all feature & limit checks; ‘deny’: Blacklist incoming packets for service;
Type: string
Supported Values: bypass, deny
dummy-name
Description ‘configuration’: Configure overflow policy;
Type: string
Supported Values: configuration
glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/glid
log-enable
Description Enable logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
log-periodic
Description Enable log periodic
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-template
Description: zone-template is a JSON Block. Please see below for dynamic-entry-overflow-policy-list_zone-template
Type: Object
dynamic-entry-overflow-policy-list_zone-template¶
Specification
Type
object
dns
Description DDOS dns template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
encap
Description DDOS encap template (IPv6-over-IPv4 / IPv4-over-IPv6 are not supported.)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
http
Description DDOS http template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
logging
Description DDOS logging template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
sip
Description DDOS sip template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
ssl-l4
Description DDOS ssl-l4 template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp
Description DDOS tcp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
udp
Description DDOS udp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
glid-cfg¶
Specification
Type
object
action-list
Description Configure action-list to take
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/ddos/action-list
glid
Description Global limit ID for the whole zone
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/glid
glid-action
Description ‘drop’: Drop packets for glid exceed (Default if default-action-list is not configured); ‘ignore’: Do nothing for glid exceed;
Type: string
Supported Values: drop, ignore
per-addr-glid
Description Global limit ID per address
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/glid
level-list¶
Specification
Type
list
Block object keys
apply-extracted-filters
Description Apply extracted filters from this level
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
glid-action
Description ‘drop’: Drop packets for glid exceed (Default); ‘blacklist-src’: Blacklist-src for glid exceed; ‘ignore’: Do nothing for glid exceed;
Type: string
Supported Values: drop, blacklist-src, ignore
indicator-list
level-num
Description ‘0’: Default policy level; ‘1’: Policy level 1; ‘2’: Policy level 2; ‘3’: Policy level 3; ‘4’: Policy level 4;
Type: string
Supported Values: 0, 1, 2, 3, 4
src-default-glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/glid
src-escalation-score
Description Source activation score of this level
Type: number
Range: 1-1000000
src-violation-actions
Description Violation actions apply due to source escalate from this level
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/ddos/violation-actions
start-pattern-recognition
Description Start pattern recognition from this level
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-escalation-score
Description Zone activation score of this level
Type: number
Range: 1-1000000
zone-template
Description: zone-template is a JSON Block. Please see below for level-list_zone-template
Type: Object
zone-violation-actions
Description Violation actions apply due to zone escalate from this level
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/ddos/violation-actions
level-list_zone-template¶
Specification
Type
object
encap
Description DDOS encap template (IPv6-over-IPv4 / IPv4-over-IPv6 are not supported.)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp
Description DDOS tcp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
udp
Description DDOS udp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
level-list_indicator-list¶
Specification
Type
list
Block object keys
data-packet-size
Description Expected minimal data size
Type: number
Range: 1-1500
score
Description Score corresponding to the indicator
Type: number
Range: 1-1000000
src-threshold-num
Description Indicator per-src threshold
Type: number
Range: 1-2147483647
src-threshold-str
Description Indicator per-src threshold (Non-zero floating point)
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
src-violation-actions
Description Violation actions to use when this src indicator threshold reaches
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/ddos/violation-actions
tcp-window-size
Description Expected minimal window size
Type: number
Range: 1-500
type
Description ‘pkt-rate’: rate of incoming packets; ‘pkt-drop-rate’: rate of packets got dropped; ‘bit-rate’: rate of incoming bits; ‘pkt-drop-ratio’: ratio of incoming packet rate divided by the rate of dropping packets; ‘bytes-to-bytes-from-ratio’: ratio of incoming packet rate divided by the rate of outgoing packets; ‘concurrent-conns’: number of concurrent connections; ‘conn-miss-rate’: rate of incoming packets for which no previously established connection exists; ‘syn-rate’: rate on incoming SYN packets; ‘fin-rate’: rate on incoming FIN packets; ‘rst-rate’: rate of incoming RST packets; ‘small-window-ack-rate’: rate of small window advertisement; ‘empty-ack-rate’: rate of incoming packets which have no payload; ‘small-payload-rate’: rate of short payload packet; ‘syn-fin-ratio’: ratio of incoming SYN packet rate divided by the rate of incoming FIN packets; ‘cpu-utilization’: average data CPU utilization; ‘interface-utilization’: outside interface utilization;
Type: string
Supported Values: pkt-rate, pkt-drop-rate, bit-rate, pkt-drop-ratio, bytes-to-bytes-from-ratio, concurrent-conns, conn-miss-rate, syn-rate, fin-rate, rst-rate, small-window-ack-rate, empty-ack-rate, small-payload-rate, syn-fin-ratio, cpu-utilization, interface-utilization
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-threshold-num
Description Threshold for the entire zone
Type: number
Range: 1-2147483647
zone-threshold-str
Description Threshold for the entire zone (Non-zero floating point)
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
zone-violation-actions
Description Violation actions to use when this zone indicator threshold reaches
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/ddos/violation-actions
manual-mode-list¶
Specification
Type
list
Block object keys
config
Description ‘configuration’: Manual-mode configuration;
Type: string
Supported Values: configuration
glid-action
Description ‘drop’: Drop packets for glid exceed (Default); ‘blacklist-src’: Blacklist-src for glid exceed; ‘ignore’: Do nothing for glid exceed;
Type: string
Supported Values: drop, blacklist-src, ignore
src-default-glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/glid
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-template
Description: zone-template is a JSON Block. Please see below for manual-mode-list_zone-template
Type: Object
manual-mode-list_zone-template¶
Specification
Type
object
encap
Description DDOS encap template (IPv6-over-IPv4 / IPv4-over-IPv6 are not supported.)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp
Description DDOS tcp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
udp
Description DDOS udp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
src-based-policy-list¶
Specification
Type
list
Block object keys
policy-class-list-list
src-based-policy-name
Description Specify name of the policy
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
src-based-policy-list_policy-class-list-list¶
Specification
Type
list
Block object keys
action
Description ‘bypass’: Always permit for the Source to bypass all feature & limit checks; ‘deny’: Blacklist incoming packets for service;
Type: string
Supported Values: bypass, deny
class-list-name
Description Class-list name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
class-list-overflow-policy-list
glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/glid
glid-action
Description ‘drop’: Drop packets for glid exceed (Default); ‘blacklist-src’: Blacklist-src for glid exceed; ‘ignore’: Do nothing for glid exceed;
Type: string
Supported Values: drop, blacklist-src, ignore
max-dynamic-entry-count
Description Maximum count for dynamic source zone service entry allowed for this class-list
Type: number
Range: 0-2147483647
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-template
Description: zone-template is a JSON Block. Please see below for src-based-policy-list_policy-class-list-list_zone-template
Type: Object
src-based-policy-list_policy-class-list-list_zone-template¶
Specification
Type
object
encap
Description DDOS encap template (IPv6-over-IPv4 / IPv4-over-IPv6 are not supported.)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
ips
Description IPS template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
logging
Description DDOS logging template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp
Description DDOS tcp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
udp
Description DDOS udp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
src-based-policy-list_policy-class-list-list_class-list-overflow-policy-list¶
Specification
Type
list
Block object keys
action
Description ‘bypass’: Always permit for the Source to bypass all feature & limit checks; ‘deny’: Blacklist incoming packets for service;
Type: string
Supported Values: bypass, deny
dummy-name
Description ‘configuration’: Configure overflow policy for class-list;
Type: string
Supported Values: configuration
glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/glid
log-enable
Description Enable logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
log-periodic
Description Enable log periodic
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-template
Description: zone-template is a JSON Block. Please see below for src-based-policy-list_policy-class-list-list_class-list-overflow-policy-list_zone-template
Type: Object
src-based-policy-list_policy-class-list-list_class-list-overflow-policy-list_zone-template¶
Specification
Type
object
dns
Description DDOS dns template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
encap
Description DDOS encap template (IPv6-over-IPv4 / IPv4-over-IPv6 are not supported.)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
http
Description DDOS http template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
logging
Description DDOS logging template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
sip
Description DDOS sip template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
ssl-l4
Description DDOS ssl-l4 template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp
Description DDOS tcp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
udp
Description DDOS udp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
pattern-recognition-pu-details¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
port-ind¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
sflow-tcp¶
Specification
Type
object
sflow-tcp-basic
Description Enable sFlow basic TCP counter polling
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: sflow-tcp-basic and sflow-common are mutually exclusive
sflow-tcp-stateful
Description Enable sFlow stateful TCP counter polling
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: sflow-tcp-stateful and sflow-common are mutually exclusive
topk-sources¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
topk-destinations¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
stats tcp-zone-port¶
Counter |
Size |
Description |
|
|---|---|---|---|
src_ack_auth_fail |
8 |
Src ACK Retry Dropped |
|
src_well_known_port |
8 |
Src TCP SrcPort Wellknown |
|
tcp_rexmit_syn_limit_drop |
8 |
TCP SYN Retransmit Exceeded Drop |
|
secondary_port_kbit_rate_exceed_pkt |
8 |
Per Addr-Port KiBit Rate Exceeded Count |
|
outbound_port_bytes_sent |
8 |
Outbound Bytes Forwarded |
|
auth_drop |
8 |
TCP Auth Dropped |
|
filter_total_not_match |
8 |
Filter Not Matched on Pkt |
|
src_ack_retry_gap_drop |
8 |
Src ACK Retry Retry-Gap Dropped |
|
filter4_match |
8 |
Filter4 Match |
|
src_create_conn_non_syn_dropped |
8 |
Src Create Conn with non-SYN Packets Dropped |
|
prog_first_req_time_exceed |
8 |
Req-Resp: First Request Time Exceed |
|
sess_aged |
8 |
Sessions Aged Out |
|
pattern_filter4_match |
8 |
Extracted Filter4 Match |
|
pattern_filter1_match |
8 |
Extracted Filter1 Match |
|
conn_close |
8 |
Connections Closed |
|
syn_auth_fail |
8 |
SYN Auth Failed |
|
pattern_filter2_match |
8 |
Extracted Filter2 Match |
|
syn_retry_init |
8 |
SYN Retry Init |
|
secondary_port_kbit_rate_exceed |
8 |
Per Addr-Port KiBit Rate Exceeded |
|
pattern_filter5_match |
8 |
Extracted Filter5 Match |
|
secondary_port_hit |
8 |
Per Addr-Port Hit |
|
wellknown_sport_drop |
8 |
TCP SrcPort Wellknown |
|
prog_conn_time_exceed |
8 |
Connection: Time Exceed |
|
src_filter_total_not_match |
8 |
Src Filter Not Matched on Pkt |
|
port_syn_rate_exceed |
8 |
TCP SYN Rate Exceeded |
|
conn_rexmit_rate_excd |
8 |
TCP Conn Retransmit Rate Exceeded |
|
outbound_port_bytes |
8 |
Outbound Bytes Received |
|
prog_resp_req_ratio_exceed |
8 |
Req-Resp: Response to Request Ratio Exceed |
|
out_of_seq_excd |
8 |
Out-Of-Seq Exceeded |
|
conn_close_w_rst |
8 |
RST Connections Closed |
|
port_src_escalation |
8 |
Src Escalation |
|
dst_hw_drop |
8 |
Dst Hardware Packets Dropped |
|
filter_action_default_pass |
8 |
Filter Action Default Pass |
|
src_ack_retry_rto_progress |
8 |
Src ACK Retry RTO Progress |
|
src_filter_action_blacklist |
8 |
Src Filter Action Blacklist |
|
src_retransmit_excd |
8 |
Src Retransmit Exceeded |
|
pattern_filter3_match |
8 |
Extracted Filter3 Match |
|
tcp_rexmit_syn_limit_bl |
8 |
TCP SYN Retransmit Exceeded Blacklist |
|
prog_win_rcvd_sent_ratio_exceed |
8 |
Time Window: Received to Sent Exceed |
|
src_ack_retry_timeout |
8 |
Src ACK Retry Timeout |
|
dst_hw_drop_removed |
8 |
Dst Hardware Drop Rules Removed |
|
src_zone_service_entry_aged |
8 |
SrcZoneService Entry Aged |
|
src_filter5_match |
8 |
Src Filter5 Match |
|
outbound_port_drop |
8 |
Outbound Packets Dropped |
|
sflow_external_packets_sent |
8 |
Sflow External Packets Sent |
|
filter5_match |
8 |
Filter5 Match |
|
prog_conn_rcvd_exceed |
8 |
Connection: Received Exceed |
|
secondary_port_conn_rate_exceed |
8 |
Per Addr-Port Conn Rate Exceeded |
|
prog_conn_exceed_drop |
8 |
Connection: Violation Exceed Dropped |
|
port_bytes |
8 |
Inbound Bytes Received |
|
no_policy_class_list_match |
8 |
No Policy Class-list Match |
|
src_filter_action_default_pass |
8 |
Src Filter Action Default Pass |
|
syn_cookie_fail |
8 |
SYN Cookie Failed |
|
prog_request_len_exceed |
8 |
Req-Resp: Request Length Exceed |
|
src_syn_retry_rto_fail |
8 |
Src SYN Retry RTO Dropped |
|
syn_retry_rto_progress |
8 |
SYN Retry RTO Progress |
|
src_conn_rexmit_rate_excd |
8 |
Src TCP Conn Retransmit Rate Exceeded |
|
prog_win_exceed_bl |
8 |
Time Window: Violation Exceed Blacklisted |
|
src_out_of_seq_excd |
8 |
Src Out-Of-Seq Exceeded |
|
rst_cookie_fail |
8 |
RST Cookie Failed |
|
ack_retry_rto_fail |
8 |
ACK Retry RTO Dropped |
|
sflow_internal_packets_sent |
8 |
Sflow Internal Packets Sent |
|
snat_fail |
8 |
Source NAT Failure |
|
frag_rcvd |
8 |
Fragmented Packets Received |
|
src_syn_retry_init |
8 |
Src SYN Retry Init |
|
outbound_port_bytes_drop |
8 |
Outbound Bytes Dropped |
|
syn_retry_rto_pass |
8 |
SYN Retry RTO Passed |
|
exceed_action_tunnel |
8 |
Exceed Action: Tunnel |
|
bl |
8 |
Dst Blacklisted |
|
filter1_match |
8 |
Filter1 Match |
|
auth_resp |
8 |
TCP Auth Responded |
|
sess_create_inbound |
8 |
Inbound Sessions Created |
|
filter_auth_fail |
8 |
Filter Auth Failed |
|
conn_create_from_syn |
8 |
Connections Created From SYN |
|
exceed_drop_brate_src_pkt |
8 |
Src KiBit Rate Exceeded Count |
|
secondary_port_conn_limm_exceed |
8 |
Per Addr-Port Conn Limit Exceeded |
|
prog_conn_sent_exceed |
8 |
Connection: Sent Exceed |
|
prog_exceed_drop |
8 |
Req-Resp: Violation Exceed Dropped |
|
src_hw_drop_removed |
8 |
Src Hardware Drop Rules Removed |
|
src_zero_window_excd |
8 |
Src Zero-Window Exceeded |
|
ack_auth_fail |
8 |
ACK Retry Dropped |
|
sflow_external_samples_packed |
8 |
Sflow External Samples Packed |
|
src_drop |
8 |
Src Packets Dropped |
|
syn_retry_blacklist |
8 |
SYN Retry Timeout Blacklisted |
|
synack_reset_sent |
8 |
SYNACK Reset Sent |
|
pattern_recognition_pattern_changed |
8 |
Pattern Recognition: Pattern Change Detected |
|
src_conn_ofo_rate_excd |
8 |
Src TCP Conn Out-Of-Seq Rate Exceeded |
|
syn_retry_gap_drop |
8 |
SYN Retry-Gap Dropped |
|
prog_resp_req_time_exceed |
8 |
Req-Resp: Response to Request Time Exceed |
|
conn_create_from_ack |
8 |
Connections Created From ACK |
|
filter_none_match |
8 |
Filter No Match |
|
src_filter3_match |
8 |
Src Filter3 Match |
|
src_syn_retry_gap_drop |
8 |
Src SYN Retry-Gap Dropped |
|
prog_exceed_bl |
8 |
Req-Resp: Violation Exceed Blacklisted |
|
src_zone_service_entry_learned |
8 |
SrcZoneService Entry Learned |
|
syn_drop |
8 |
SYN Dropped |
|
src_filter1_match |
8 |
Src Filter1 Match |
|
src_syn_rate_exceed |
8 |
Src TCP SYN Rate Exceeded |
|
port_conn_rate_exceed |
8 |
Conn Rate Exceeded |
|
prog_win_rcvd_exceed |
8 |
Time Window: Received Exceed |
|
src_syn_retry_timeout |
8 |
Src SYN Retry Timeout |
|
prog_conn_exceed_bl |
8 |
Connection: Violation Exceed Blacklisted |
|
src_filter_none_match |
8 |
Src Filter No Match |
|
port_kbit_rate_exceed_pkt |
8 |
KiBit Rate Exceeded Count |
|
dst_hw_drop_inserted |
8 |
Dst Hardware Drop Rules Inserted |
|
unauth_drop |
8 |
TCP Unauth Dropped |
|
src_syn_cookie_sent |
8 |
Src SYN Cookie Sent |
|
port_bytes_sent |
8 |
Inbound Bytes Forwarded |
|
exceed_drop_brate_src |
8 |
Src KiBit Rate Exceeded |
|
ack_retry_timeout |
8 |
ACK Retry Timeout |
|
src_frag_drop |
8 |
Src Fragmented Packets Dropped |
|
syn_retry_timeout |
8 |
SYN Retry Timeout |
|
syn_tfo_rcv |
8 |
SYN TFO Received |
|
port_kbit_rate_exceed |
8 |
KiBit Rate Exceeded |
|
src_unauth_drop |
8 |
Src TCP Unauth Dropped |
|
filter_action_whitelist |
8 |
Filter Action WL |
|
src_conn_pkt_rate_excd |
8 |
Src TCP Conn Pkt Rate Exceeded |
|
port_src_bl |
8 |
Src Blacklisted |
|
frag_timeout |
8 |
Fragmented Packets Timeout |
|
outbound_port_pkt_sent |
8 |
Outbound Packets Forwarded |
|
sess_create_outbound |
8 |
Outbound Sessions Created |
|
pattern_filter_drop |
8 |
Extracted Filter Drop |
|
conn_close_w_fin |
8 |
FIN Connections Closed |
|
src_syn_retry_blacklist |
8 |
Src SYN Retry Timeout Blacklisted |
|
src_ack_retry_rto_pass |
8 |
Src ACK Retry RTO Passed |
|
src_conn_zwindow_rate_excd |
8 |
Src TCP Conn Zero-Window Rate Exceeded |
|
src_ack_retry_init |
8 |
Src ACK Retry Init |
|
ack_retry_blacklist |
8 |
ACK Retry Timeout Blacklisted |
|
filter_action_blacklist |
8 |
Filter Action Blacklist |
|
port_pkt_sent |
8 |
Inbound Packets Forwarded |
|
syn_auth_pass |
8 |
SYN Auth Passed |
|
syn_retry_rto_fail |
8 |
SYN Retry RTO Dropped |
|
prog_req_resp_time_exceed |
8 |
Req-Resp: Request to Response Time Exceed |
|
syn_cookie_sent |
8 |
SYN Cookie Sent |
|
retransmit_excd |
8 |
Retransmit Exceeded |
|
src_syn_auth_fail |
8 |
Src SYN Auth Failed |
|
src_filter_action_whitelist |
8 |
Src Filter Action WL |
|
zero_window_excd |
8 |
Zero-Window Exceeded |
|
src_ack_retry_reset |
8 |
Src ACK Retry Timeout Reset |
|
conn_ofo_rate_excd |
8 |
TCP Conn Out-Of-Seq Rate Exceeded |
|
filter2_match |
8 |
Filter2 Match |
|
src_ack_retry_blacklist |
8 |
Src ACK Retry Timeout Blacklisted |
|
frag_drop |
8 |
Fragmented Packets Dropped |
|
pattern_not_found |
8 |
Pattern Recognition: Pattern Not Found |
|
syn_retry_reset |
8 |
SYN Retry Timeout Reset |
|
prog_response_len_exceed |
8 |
Req-Resp: Response Length Exceed |
|
port_conn_limm_exceed |
8 |
Conn Limit Exceeded |
|
filter3_match |
8 |
Filter3 Match |
|
exceed_drop_climit_src |
8 |
Src Conn Limit Exceeded |
|
conn_close_w_idle |
8 |
Idle Connections Closed |
|
secondary_port_pkt_rate_exceed |
8 |
Per Addr-Port Packet Rate Exceeded |
|
src_filter2_match |
8 |
Src Filter2 Match |
|
sess_create |
8 |
Session Create |
|
port_bytes_drop |
8 |
Inbound Bytes Dropped |
|
exceed_drop_prate_src |
8 |
Src Pkt Rate Exceeded |
|
ack_retry_pass |
8 |
ACK Retry Passed |
|
pattern_recognition_generic_error |
8 |
Pattern Recognition: Exceptions |
|
ack_retry_reset |
8 |
ACK Retry Timeout Reset |
|
src_syn_cookie_fail |
8 |
Src SYN Cookie Failed |
|
syn_retry_failed |
8 |
SYN Retry Dropped |
|
pattern_recognition_sampling_started |
8 |
Pattern Recognition: Sampling Started |
|
ack_retry_init |
8 |
ACK Retry Init |
|
prog_conn_rcvd_sent_ratio_exceed |
8 |
Connection: Reveived to Sent Ratio Exceed |
|
src_filter4_match |
8 |
Src Filter4 Match |
|
sflow_internal_samples_packed |
8 |
Sflow Internal Samples Packed |
|
ack_retry_gap_drop |
8 |
ACK Retry Retry-Gap Dropped |
|
create_conn_non_syn_dropped |
8 |
Create Conn with non-SYN Packets Dropped |
|
syn_retry_pass |
8 |
SYN Retry Passed |
|
current_es_level |
8 |
Current Escalation Level |
|
src_syn_retry_failed |
8 |
Src SYN Retry Dropped |
|
filter_action_drop |
8 |
Filter Action Drop |
|
src_ack_retry_rto_fail |
8 |
Src ACK Retry RTO Dropped |
|
conn_zwindow_rate_excd |
8 |
TCP Conn Zero-Window Rate Exceeded |
|
ack_retry_rto_progress |
8 |
ACK Retry RTO Progress |
|
port_pkt_rate_exceed |
8 |
Packet Rate Exceeded |
|
prog_win_exceed_drop |
8 |
Time Window: Violation Exceed Dropped |
|
pattern_recognition_proceeded |
8 |
Pattern Recognition: Engine Started |
|
port_drop |
8 |
Inbound Packets Dropped |
|
ack_retry_rto_pass |
8 |
ACK Retry RTO Passed |
|
outbound_port_rcvd |
8 |
Outbound Packets Received |
|
src_filter_auth_fail |
8 |
Src Filter Auth Failed |
|
src_syn_retry_rto_pass |
8 |
Src SYN Retry RTO Passed |
|
src_syn_retry_reset |
8 |
Src SYN Retry Timeout Reset |
|
port_rcvd |
8 |
Inbound Packets Received |
|
conn_close_half_open |
8 |
Half Open Connections Closed |
|
src_hw_drop_inserted |
8 |
Src Hardware Drop Rules Inserted |
|
prog_win_sent_exceed |
8 |
Time Window: Sent Exceed |
|
synack_multiple_attempts_per_ip_detected |
8 |
SYNACK Multiple Attempts Per IP Detected |
|
src_syn_retry_rto_progress |
8 |
Src SYN Retry RTO Progress |
|
conn_prate_excd |
8 |
TCP Conn Pkt Rate Exceeded |
|
exceed_drop_crate_src |
8 |
Src Conn Rate Exceeded |
|
src_rst_cookie_fail |
8 |
Src RST Cookie Failed |
|
src_auth_drop |
8 |
Src TCP Auth Dropped |
|
src_filter_action_drop |
8 |
Src Filter Action Drop |
stats udp-zone-port¶
Counter |
Size |
Description |
|
|---|---|---|---|
secondary_port_kbit_rate_exceed_pkt |
8 |
Per Addr-Port KiBit Rate Exceeded Count |
|
snat_fail |
8 |
Source NAT Failure |
|
pattern_filter5_match |
8 |
Extracted Filter5 Match |
|
token_authentication_prev_salt_matched |
8 |
Token Authentication Previous Salt Matched |
|
frag_drop |
8 |
Fragmented Packets Dropped |
|
outbound_port_bytes_sent |
8 |
Outbound Bytes Forwarded |
|
src_udp_retry_gap_drop |
8 |
Src UDP Retry-Gap Dropped |
|
filter4_match |
8 |
Filter4 Match |
|
spoof_detect_fail |
8 |
UDP Retry Timeout |
|
sess_aged |
8 |
Sessions Aged Out |
|
pattern_filter4_match |
8 |
Extracted Filter4 Match |
|
pattern_filter1_match |
8 |
Extracted Filter1 Match |
|
pattern_filter2_match |
8 |
Extracted Filter2 Match |
|
secondary_port_kbit_rate_exceed |
8 |
Per Addr-Port KiBit Rate Exceeded |
|
token_authentication_curr_salt_matched |
8 |
Token Authentication Current Salt Matched |
|
secondary_port_hit |
8 |
Per Addr-Port Hit |
|
wellknown_sport_drop |
8 |
UDP SrcPort Wellknown |
|
src_filter_total_not_match |
8 |
Src Filter Not Matched on Pkt |
|
src_udp_retry_init |
8 |
Src UDP Retry Init |
|
src_payload_too_small |
8 |
Src UDP Payload Too Small |
|
src_udp_retry_pass |
8 |
Src UDP Retry Passed |
|
udp_retry_init |
8 |
UDP Retry Init |
|
outbound_port_bytes |
8 |
Outbound Bytes Received |
|
src_filter5_match |
8 |
Src Filter5 Match |
|
port_src_escalation |
8 |
Src Escalation |
|
dst_hw_drop |
8 |
Dst Hardware Packets Dropped |
|
port_bytes |
8 |
Inbound Bytes Received |
|
frag_rcvd |
8 |
Fragmented Packets Received |
|
src_filter_action_blacklist |
8 |
Src Filter Action Blacklist |
|
pattern_filter3_match |
8 |
Extracted Filter3 Match |
|
dst_hw_drop_removed |
8 |
Dst Hardware Drop Rules Removed |
|
src_zone_service_entry_aged |
8 |
SrcZoneService Entry Aged |
|
outbound_port_drop |
8 |
Outbound Packets Dropped |
|
sflow_external_packets_sent |
8 |
Sflow External Packets Sent |
|
filter5_match |
8 |
Filter5 Match |
|
token_authentication_session_created |
8 |
Token Authentication Session Created |
|
no_policy_class_list_match |
8 |
No Policy Class-list Match |
|
src_filter_action_default_pass |
8 |
Src Filter Action Default Pass |
|
zone_src_udp_retry_timeout_blacklist |
8 |
Src UDP Retry Timeout Blacklisted |
|
filter_total_not_match |
8 |
Filter Not Matched on Pkt |
|
sflow_internal_packets_sent |
8 |
Sflow Internal Packets Sent |
|
payload_too_small |
8 |
UDP Payload Too Small |
|
src_payload_too_big |
8 |
Src UDP Payload Too Large |
|
outbound_port_bytes_drop |
8 |
Outbound Bytes Dropped |
|
exceed_action_tunnel |
8 |
Exceed Action: Tunnel |
|
bl |
8 |
Dst Blacklisted |
|
filter1_match |
8 |
Filter1 Match |
|
ntp_monlist_resp |
8 |
NTP Monlist Response |
|
sess_create_inbound |
8 |
Inbound Sessions Created |
|
filter_auth_fail |
8 |
Filter Auth Failed |
|
exceed_drop_brate_src_pkt |
8 |
Src KiBit Rate Exceeded Count |
|
src_filter1_match |
8 |
Src Filter1 Match |
|
udp_retry_pass |
8 |
UDP Retry Passed |
|
src_hw_drop_removed |
8 |
Src Hardware Drop Rules Removed |
|
dst_udp_retry_timeout_blacklist |
8 |
UDP Retry Timeout Blacklisted |
|
src_udp_auth_drop |
8 |
Src UDP Auth Dropped |
|
sflow_external_samples_packed |
8 |
Sflow External Samples Packed |
|
src_drop |
8 |
Src Packets Dropped |
|
pattern_recognition_pattern_changed |
8 |
Pattern Recognition: Pattern Change Detected |
|
port_drop |
8 |
Inbound Packets Dropped |
|
filter_none_match |
8 |
Filter No Match |
|
src_filter3_match |
8 |
Src Filter3 Match |
|
ntp_monlist_req |
8 |
NTP Monlist Request |
|
src_zone_service_entry_learned |
8 |
SrcZoneService Entry Learned |
|
payload_too_big |
8 |
UDP Payload Too Large |
|
token_authentication_session_created_fail |
8 |
Token Authentication Session Created Fail |
|
port_conn_rate_exceed |
8 |
Conn Rate Exceeded |
|
src_filter_none_match |
8 |
Src Filter No Match |
|
port_kbit_rate_exceed_pkt |
8 |
KiBit Rate Exceeded Count |
|
port_bytes_sent |
8 |
Inbound Bytes Forwarded |
|
exceed_drop_brate_src |
8 |
Src KiBit Rate Exceeded |
|
src_frag_drop |
8 |
Src Fragmented Packets Dropped |
|
port_kbit_rate_exceed |
8 |
KiBit Rate Exceeded |
|
udp_retry_gap_drop |
8 |
UDP Retry-Gap Dropped |
|
filter_action_whitelist |
8 |
Filter Action Whitelist |
|
src_conn_pkt_rate_excd |
8 |
Src UDP Conn Pkt Rate Exceeded |
|
port_src_bl |
8 |
Src Blacklisted |
|
outbound_port_rcvd |
8 |
Outbound Packets Received |
|
outbound_port_pkt_sent |
8 |
Outbound Packets Forwarded |
|
sess_create_outbound |
8 |
Outbound Sessions Created |
|
pattern_filter_drop |
8 |
Extracted Filter Drop |
|
pattern_recognition_proceeded |
8 |
Pattern Recognition: Engine Started |
|
src_well_known_port |
8 |
Src UDP SrcPort Wellknown |
|
filter_action_blacklist |
8 |
Filter Action Blacklist |
|
port_pkt_sent |
8 |
Inbound Packets Forwarded |
|
src_filter_action_whitelist |
8 |
Src Filter Action Whitelist |
|
secondary_port_conn_rate_exceed |
8 |
Per Addr-Port Conn Rate Exceeded |
|
dst_hw_drop_inserted |
8 |
Dst Hardware Drop Rules Inserted |
|
filter2_match |
8 |
Filter2 Match |
|
secondary_port_conn_limm_exceed |
8 |
Per Addr-Port Conn Limit Exceeded |
|
pattern_not_found |
8 |
Pattern Recognition: Pattern Not Found |
|
port_conn_limm_exceed |
8 |
Conn Limit Exceeded |
|
filter3_match |
8 |
Filter3 Match |
|
src_ntp_monlist_resp |
8 |
Src NTP Monlist Response |
|
secondary_port_pkt_rate_exceed |
8 |
Per Addr-Port Packet Rate Exceeded |
|
src_filter2_match |
8 |
Src Filter2 Match |
|
sess_create |
8 |
Session Create |
|
port_bytes_drop |
8 |
Inbound Bytes Dropped |
|
exceed_drop_prate_src |
8 |
Src Pkt Rate Exceeded |
|
exceed_drop_climit_src |
8 |
Src Conn Limit Exceeded |
|
udp_auth_drop |
8 |
UDP Auth Dropped |
|
pattern_recognition_generic_error |
8 |
Pattern Recognition: Exceptions |
|
src_ntp_monlist_req |
8 |
Src NTP Monlist Request |
|
token_authentication_mismatched |
8 |
Token Authentication Mismatched Packets |
|
pattern_recognition_sampling_started |
8 |
Pattern Recognition: Sampling Started |
|
src_filter4_match |
8 |
Src Filter4 Match |
|
sflow_internal_samples_packed |
8 |
Sflow Internal Samples Packed |
|
filter_action_default_pass |
8 |
Filter Action Default Pass |
|
current_es_level |
8 |
Current Escalation Level |
|
filter_action_drop |
8 |
Filter Action Drop |
|
token_authentication_invalid |
8 |
Token Authentication Invalid Packets |
|
port_pkt_rate_exceed |
8 |
Packet Rate Exceeded |
|
frag_timeout |
8 |
Fragmented Packets Timeout |
|
src_filter_auth_fail |
8 |
Src Filter Auth Failed |
|
port_rcvd |
8 |
Inbound Packets Received |
|
src_hw_drop_inserted |
8 |
Src Hardware Drop Rules Inserted |
|
conn_prate_excd |
8 |
UDP Conn Pkt Rate Exceeded |
|
exceed_drop_crate_src |
8 |
Src Conn Rate Exceeded |
|
src_filter_action_drop |
8 |
Src Filter Action Drop |
|
src_udp_auth_timeout |
8 |
Src UDP Retry Timeout |
operational data¶
Counter |
Size |
Description |
|
|---|---|---|---|
app-stat |
flag |
app-stat |
|
black-listed |
flag |
black-listed |
|
authenticated |
flag |
authenticated |
|
l4-ext-rate |
flag |
l4-ext-rate |
|
overflow-policy |
flag |
overflow-policy |
|
class-list |
string |
class-list |
|
entry-displayed-count |
number |
entry-displayed-count |
|
subnet-ip-addr |
ipv4-cidr |
subnet-ip-addr |
|
exceeded |
flag |
exceeded |
|
ddos_entry_list |
ddos_entry_list |
||
service-displayed-count |
number |
service-displayed-count |
|
white-listed |
flag |
white-listed |
|
sources |
flag |
sources |
|
hw-blacklisted |
flag |
hw-blacklisted |
|
ipv6 |
ipv6-address |
ipv6 |
|
sources-all-entries |
flag |
sources-all-entries |
|
indicator-detail |
flag |
indicator-detail |
|
level |
flag |
level |
|
subnet-ipv6-addr |
ipv6-address-plen |
subnet-ipv6-addr |
|
indicators |
flag |
indicators |