fw¶
Firewall
fw Specification¶
Type
Intermediate Resource
Element Name
fw
Element URI
/axapi/v3/fw
Element Attributes
fw_attributes
Schema
Operations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Get Object | GET | /axapi/v3/fw | fw_attributes |
fw attributes¶
active-rule-set
Description: active-rule-set is a JSON Block. Please see below for active-rule-set
Type: Object
Refernce Object: /axapi/v3/fw/active-rule-set
alg
Description: alg is a JSON Block. Please see below for alg
Type: Object
Refernce Object: /axapi/v3/fw/alg
app
Description: app is a JSON Block. Please see below for app
Type: Object
Refernce Object: /axapi/v3/fw/app
apply-changes
Description: apply-changes is a JSON Block. Please see below for apply-changes
Type: Object
Refernce Object: /axapi/v3/fw/apply-changes
clear-session-filter
Description: clear-session-filter is a JSON Block. Please see below for clear-session-filter
Type: Object
Refernce Object: /axapi/v3/fw/clear-session-filter
ddos-protection
Description: ddos-protection is a JSON Block. Please see below for ddos-protection
Type: Object
Refernce Object: /axapi/v3/fw/ddos-protection
full-cone-session
Description: full-cone-session is a JSON Block. Please see below for full-cone-session
Type: Object
Refernce Object: /axapi/v3/fw/full-cone-session
global
Description: global is a JSON Block. Please see below for global
Type: Object
Refernce Object: /axapi/v3/fw/global
gtp
Description: gtp is a JSON Block. Please see below for gtp
Type: Object
Refernce Object: /axapi/v3/fw/gtp
helper-sessions
Description: helper-sessions is a JSON Block. Please see below for helper-sessions
Type: Object
Refernce Object: /axapi/v3/fw/helper-sessions
limit-entry
Description: limit-entry is a JSON Block. Please see below for limit-entry
Type: Object
Refernce Object: /axapi/v3/fw/limit-entry
local-log
Description: local-log is a JSON Block. Please see below for local-log
Type: Object
Refernce Object: /axapi/v3/fw/local-log
logging
Description: logging is a JSON Block. Please see below for logging
Type: Object
Refernce Object: /axapi/v3/fw/logging
per-instance
Description: per-instance is a JSON Block. Please see below for per-instance
Type: Object
Refernce Object: /axapi/v3/fw/per-instance
radius
Description: radius is a JSON Block. Please see below for radius
Type: Object
Refernce Object: /axapi/v3/fw/radius
rate-limit
Description: rate-limit is a JSON Block. Please see below for rate-limit
Type: Object
Refernce Object: /axapi/v3/fw/rate-limit
resource-usage
Description: resource-usage is a JSON Block. Please see below for resource-usage
Type: Object
Refernce Object: /axapi/v3/fw/resource-usage
server-list
Type: List
Refernce Object: /axapi/v3/fw/server/{name}
service-group-list
Type: List
Refernce Object: /axapi/v3/fw/service-group/{name}
session-aging-list
Type: List
Refernce Object: /axapi/v3/fw/session-aging/{name}
status
Description: status is a JSON Block. Please see below for status
Type: Object
Refernce Object: /axapi/v3/fw/status
system-status
Description: system-status is a JSON Block. Please see below for system-status
Type: Object
Refernce Object: /axapi/v3/fw/system-status
tap-monitor
Description: tap-monitor is a JSON Block. Please see below for tap-monitor
Type: Object
Refernce Object: /axapi/v3/fw/tap-monitor
tcp
Description: tcp is a JSON Block. Please see below for tcp
Type: Object
Refernce Object: /axapi/v3/fw/tcp
tcp-rst-close-immediate
Description: tcp-rst-close-immediate is a JSON Block. Please see below for tcp-rst-close-immediate
Type: Object
Refernce Object: /axapi/v3/fw/tcp-rst-close-immediate
tcp-window-check
Description: tcp-window-check is a JSON Block. Please see below for tcp-window-check
Type: Object
Refernce Object: /axapi/v3/fw/tcp-window-check
template
Description: template is a JSON Block. Please see below for template
Type: Object
Refernce Object: /axapi/v3/fw/template
top-k-rules
Description: top-k-rules is a JSON Block. Please see below for top-k-rules
Type: Object
Refernce Object: /axapi/v3/fw/top-k-rules
urpf
Description: urpf is a JSON Block. Please see below for urpf
Type: Object
Refernce Object: /axapi/v3/fw/urpf
vrid
Description: vrid is a JSON Block. Please see below for vrid
Type: Object
Refernce Object: /axapi/v3/fw/vrid
apply-changes¶
Specification
Type
object
forced
Description Force recompile rule-set
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
alg¶
Specification
Type
object
dns
Description: dns is a JSON Block. Please see below for alg_dns
Type: Object
Refernce Object: /axapi/v3/fw/alg/dns
esp
Description: esp is a JSON Block. Please see below for alg_esp
Type: Object
Refernce Object: /axapi/v3/fw/alg/esp
ftp
Description: ftp is a JSON Block. Please see below for alg_ftp
Type: Object
Refernce Object: /axapi/v3/fw/alg/ftp
icmp
Description: icmp is a JSON Block. Please see below for alg_icmp
Type: Object
Refernce Object: /axapi/v3/fw/alg/icmp
pptp
Description: pptp is a JSON Block. Please see below for alg_pptp
Type: Object
Refernce Object: /axapi/v3/fw/alg/pptp
rtsp
Description: rtsp is a JSON Block. Please see below for alg_rtsp
Type: Object
Refernce Object: /axapi/v3/fw/alg/rtsp
sip
Description: sip is a JSON Block. Please see below for alg_sip
Type: Object
Refernce Object: /axapi/v3/fw/alg/sip
tftp
Description: tftp is a JSON Block. Please see below for alg_tftp
Type: Object
Refernce Object: /axapi/v3/fw/alg/tftp
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
alg_ftp¶
Specification
Type
object
default-port-disable
Description ‘default-port-disable’: Disable FTP ALG default port 21;
Type: string
Supported Values: default-port-disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
alg_sip¶
Specification
Type
object
default-port-disable
Description ‘default-port-disable’: Disable SIP ALG default port 5060;
Type: string
Supported Values: default-port-disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
alg_esp¶
Specification
Type
object
default-port-disable
Description ‘default-port-disable’: Disable ESP ALG default port 500;
Type: string
Supported Values: default-port-disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
alg_pptp¶
Specification
Type
object
default-port-disable
Description ‘default-port-disable’: Disable PPTP ALG default port 1723;
Type: string
Supported Values: default-port-disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
alg_rtsp¶
Specification
Type
object
default-port-disable
Description ‘default-port-disable’: Disable RTSP ALG default port 554;
Type: string
Supported Values: default-port-disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
alg_dns¶
Specification
Type
object
default-port-disable
Description ‘default-port-disable’: Disable DNS ALG default port 53;
Type: string
Supported Values: default-port-disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
alg_tftp¶
Specification
Type
object
default-port-disable
Description ‘default-port-disable’: Disable TFTP ALG default port 69;
Type: string
Supported Values: default-port-disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
alg_icmp¶
Specification
Type
object
disable
Description ‘disable’: Disable ICMP ALG which allows ICMP errors to pass the firewall;
Type: string
Supported Values: disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
app¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
global¶
Specification
Type
object
alg-processing
Description ‘honor-rule-set’: Honors firewall rule-sets (Default); ‘override-rule-set’: Override firewall rule-sets;
Type: string
Supported Values: honor-rule-set, override-rule-set
Default: honor-rule-set
disable-app-list
Type: List
disable-application-metrics
Description Disable exporting application protocol/category statistics to Harmony Controller
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
disable-ip-fw-sessions
Description disable create sessions for non TCP/UDP/ICMP
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
extended-matching
Description ‘disable’: Disable extended matching;
Type: string
Supported Values: disable
listen-on-port-timeout
Description STUN timeout (default: 2 minutes)
Type: number
Range: 0-60
Default: 2
natip-ddos-protection
Description ‘enable’: Enable; ‘disable’: Disable;
Type: string
Supported Values: enable, disable
Default: enable
permit-default-action
Description ‘forward’: Forward; ‘next-service-mode’: Service to be applied chosen based on configuration;
Type: string
Supported Values: forward, next-service-mode
respond-to-user-mac
Description Use the user’s source MAC for the next hop rather than the routing table (default: off)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
global_disable-app-list¶
Specification
Type
list
Block object keys
disable-application-category
Description ‘aaa’: Protocol/application used for AAA (Authentification, Authorization and Accounting) purposes.; ‘adult-content’: Adult content protocol/application.; ‘advertising’: Advertising networks and applications.; ‘aetls’: Application known to enforce HSTS and thus use of TLS.; ‘analytics-and-statistics’: User analytics and statistics protocol/application.; ‘anonymizers-and-proxies’: Traffic-anonymization protocol/application.; ‘audio-chat’: Protocol/application used for Audio Chat.; ‘basic’: Covers all protocols required for basic classification, including most networking protocols as well as standard protocols like HTTP.; ‘blog’: Blogging platform protocol/application.; ‘cdn’: Protocol/application used for Content-Delivery Networks.; ‘certification-authority’: Certification Authority for SSL/TLS certificate.; ‘chat’: Protocol/application used for Text Chat.; ‘classified-ads’: Protocol/application used for Classified Advertisements.; ‘cloud-based-services’: SaaS and/or PaaS cloud based services.; ‘crowdfunding’: Service for funding a project or venture by raising small amounts of money from a large number of people, typically via the Internet.; ‘cryptocurrency’: Services for mining cryptocurrencies, for example a Crypto Web Browser (an application that mines crypto currency in the background while its user browses the web).; ‘database’: Database-specific protocols.; ‘disposable-email’: Service offering Disposable Email Accounts (DEA). DEA is a technique to share temporary email address between many users.; ‘ebook-reader’: Services for e-book readers, i.e. connected devices that display electronic books (typically using e-ink displays to reduce glare and eye strain).; ‘education’: Protocols offering education services and online courses.; ‘email’: Native email protocol.; ‘enterprise’: Protocol/application used in an enterprise network.; ‘file-management’: Protocol/application designed specifically for file management and exchange. This can include bona fide network protocols (like SMB) as well as web/cloud services (like Dropbox).; ‘file-transfer’: Protocol that offers file transferring as a secondary feature. This typically includes IM, WebMail, and other protocols that allow file transfers in addition to their principal function.; ‘forum’: Online forum protocol/application.; ‘gaming’: Protocol/application used by games.; ‘healthcare’: Protocols offering medical services, i.e protocols used in medical environment.; ‘instant-messaging-and-multimedia-conferencing’: Protocol/application used for Instant Messaging or Multi-Conferencing.; ‘internet-of-things’: Internet Of Things protocol/application.; ‘map-service’: Digital Maps service (web site and their related API).; ‘mobile’: Mobile-specific protocol/application.; ‘multimedia-streaming’: Protocol/application used for multimedia streaming.; ‘networking’: Protocol used for (inter) networking purpose.; ‘news-portal’: Protocol/application used for News Portals.; ‘payment-service’: Application offering online services for accepting electronic payments by a variety of payment methods (credit card, bank-based payments such as direct debit, bank transfer, etc).; ‘peer-to-peer’: Protocol/application used for Peer-to-peer purposes.; ‘remote-access’: Protocol/application used for remote access.; ‘scada’: SCADA (Supervisory control and data acquisition) protocols, all generations.; ‘social-networks’: Social networking application.; ‘software-update’: Auto-update protocol.; ‘speedtest’: Speedtest application allowing to access quality of Internet connection (upload, download, latency, etc).; ‘standards-based’: Protocol issued from standardized bodies such as IETF, ITU, IEEE, ETSI, OIF.; ‘transportation’: Transportation services, for example smartphone applications that allow users to hail a taxi.; ‘video-chat’: Protocol/application used for Video Chat.; ‘voip’: Application used for Voice-Over-IP.; ‘vpn-tunnels’: Protocol/application used for VPN or tunneling purposes.; ‘web’: Application based on HTTP/HTTPS.; ‘web-e-commerce’: Protocol/application used for E-commerce websites.; ‘web-search-engines’: Protocol/application used for Web search portals.; ‘web-websites’: Protocol/application used for Company Websites.; ‘webmails’: Web-based e-mail application.; ‘web-ext-adult’: Web Extension Adult; ‘web-ext-auctions’: Web Extension Auctions; ‘web-ext-blogs’: Web Extension Blogs; ‘web-ext-business-and-economy’: Web Extension Business and Economy; ‘web-ext-cdns’: Web Extension CDNs; ‘web-ext-collaboration’: Web Extension Collaboration; ‘web-ext-computer-and-internet-info’: Web Extension Computer and Internet Info; ‘web-ext-computer-and-internet-security’: Web Extension Computer and Internet Security; ‘web-ext-dating’: Web Extension Dating; ‘web-ext-educational-institutions’: Web Extension Educational Institutions; ‘web-ext-entertainment-and-arts’: Web Extension Entertainment and Arts; ‘web-ext-fashion-and-beauty’: Web Extension Fashion and Beauty; ‘web-ext-file-share’: Web Extension File Share; ‘web-ext-financial-services’: Web Extension Financial Services; ‘web-ext-gambling’: Web Extension Gambling; ‘web-ext-games’: Web Extension Games; ‘web-ext-government’: Web Extension Government; ‘web-ext-health-and-medicine’: Web Extension Health and Medicine; ‘web-ext-individual-stock-advice-and-tools’: Web Extension Individual Stock Advice and Tools; ‘web-ext-internet-portals’: Web Extension Internet Portals; ‘web-ext-job-search’: Web Extension Job Search; ‘web-ext-local-information’: Web Extension Local Information; ‘web-ext-malware’: Web Extension Malware; ‘web-ext-motor-vehicles’: Web Extension Motor Vehicles; ‘web-ext-music’: Web Extension Music; ‘web-ext-news’: Web Extension News; ‘web-ext-p2p’: Web Extension P2P; ‘web-ext-parked-sites’: Web Extension Parked Sites; ‘web-ext-proxy-avoid-and-anonymizers’: Web Extension Proxy Avoid and Anonymizers; ‘web-ext-real-estate’: Web Extension Real Estate; ‘web-ext-reference-and-research’: Web Extension Reference and Research; ‘web-ext-search-engines’: Web Extension Search Engines; ‘web-ext-shopping’: Web Extension Shopping; ‘web-ext-social-network’: Web Extension Social Network; ‘web-ext-society’: Web Extension Society; ‘web-ext-software’: Web Extension Software; ‘web-ext-sports’: Web Extension Sports; ‘web-ext-streaming-media’: Web Extension Streaming Media; ‘web-ext-training-and-tools’: Web Extension Training and Tools; ‘web-ext-translation’: Web Extension Translation; ‘web-ext-travel’: Web Extension Travel; ‘web-ext-web-advertisements’: Web Extension Web Advertisements; ‘web-ext-web-based-email’: Web Extension Web based Email; ‘web-ext-web-hosting’: Web Extension Web Hosting; ‘web-ext-web-service’: Web Extension Web Service;
Type: string
Supported Values: aaa, adult-content, advertising, aetls, analytics-and-statistics, anonymizers-and-proxies, audio-chat, basic, blog, cdn, certification-authority, chat, classified-ads, cloud-based-services, crowdfunding, cryptocurrency, database, disposable-email, ebook-reader, education, email, enterprise, file-management, file-transfer, forum, gaming, healthcare, instant-messaging-and-multimedia-conferencing, internet-of-things, map-service, mobile, multimedia-streaming, networking, news-portal, payment-service, peer-to-peer, remote-access, scada, social-networks, software-update, speedtest, standards-based, transportation, video-chat, voip, vpn-tunnels, web, web-e-commerce, web-search-engines, web-websites, webmails, web-ext-adult, web-ext-auctions, web-ext-blogs, web-ext-business-and-economy, web-ext-cdns, web-ext-collaboration, web-ext-computer-and-internet-info, web-ext-computer-and-internet-security, web-ext-dating, web-ext-educational-institutions, web-ext-entertainment-and-arts, web-ext-fashion-and-beauty, web-ext-file-share, web-ext-financial-services, web-ext-gambling, web-ext-games, web-ext-government, web-ext-health-and-medicine, web-ext-individual-stock-advice-and-tools, web-ext-internet-portals, web-ext-job-search, web-ext-local-information, web-ext-malware, web-ext-motor-vehicles, web-ext-music, web-ext-news, web-ext-p2p, web-ext-parked-sites, web-ext-proxy-avoid-and-anonymizers, web-ext-real-estate, web-ext-reference-and-research, web-ext-search-engines, web-ext-shopping, web-ext-social-network, web-ext-society, web-ext-software, web-ext-sports, web-ext-streaming-media, web-ext-training-and-tools, web-ext-translation, web-ext-travel, web-ext-web-advertisements, web-ext-web-based-email, web-ext-web-hosting, web-ext-web-service
disable-application-protocol
Description Disable specific application protocol
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
tcp-rst-close-immediate¶
Specification
Type
object
status
Description ‘enable’: Enable TCP RST close immediate (default); ‘disable’: Disable TCP RST close immediate;
Type: string
Supported Values: enable, disable
Default: enable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
tcp¶
Specification
Type
object
mss-clamp
Description: mss-clamp is a JSON Block. Please see below for tcp_mss-clamp
Type: Object
Refernce Object: /axapi/v3/fw/tcp/mss-clamp
reset-on-error
Description: reset-on-error is a JSON Block. Please see below for tcp_reset-on-error
Type: Object
Refernce Object: /axapi/v3/fw/tcp/reset-on-error
syn-cookie
Description: syn-cookie is a JSON Block. Please see below for tcp_syn-cookie
Type: Object
Refernce Object: /axapi/v3/fw/tcp/syn-cookie
tcp_mss-clamp¶
Specification
Type
object
min
Description Specify the min value allowed for the TCP MSS (Specify the min value allowed for the TCP MSS (default: ((576 - 60 - 60))))
Type: number
Range: 0-1460
Default: 456
mss-clamp-type
Description ‘fixed’: Specify a fixed max value for the TCP MSS; ‘subtract’: Specify the value to subtract from the TCP MSS;
Type: string
Supported Values: fixed, subtract
mss-subtract
Description Specify the value to subtract from the TCP MSS (default: not configured)
Type: number
Range: 0-1460
mss-value
Description The max value allowed for the TCP MSS (default: not configured)}
Type: number
Range: 0-1460
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
tcp_reset-on-error¶
Specification
Type
object
enable
Description Enable send TCP reset on error
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
outbound
Description ‘enable’: Enable send TCP reset on error;
Type: string
Supported Values: enable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
radius¶
Specification
Type
object
server
Description: server is a JSON Block. Please see below for radius_server
Type: Object
Refernce Object: /axapi/v3/fw/radius/server
radius_server¶
Specification
Type
object
accounting-interim-update
Description ‘ignore’: Ignore (default); ‘append-entry’: Append the AVPs to existing entry; ‘replace-entry’: Replace the AVPs of existing entry;
Type: string
Supported Values: ignore, append-entry, replace-entry
Default: ignore
accounting-on
Description ‘ignore’: Ignore (default); ‘delete-entries-using-attribute’: Delete entries matching attribute in RADIUS Table;
Type: string
Supported Values: ignore, delete-entries-using-attribute
Default: ignore
accounting-start
Description ‘ignore’: Ignore; ‘append-entry’: Append the AVPs to existing entry (default); ‘replace-entry’: Replace the AVPs of existing entry;
Type: string
Supported Values: ignore, append-entry, replace-entry
Default: append-entry
accounting-stop
Description ‘ignore’: Ignore; ‘delete-entry’: Delete the entry (default);
Type: string
Supported Values: ignore, delete-entry
Default: delete-entry
attribute
Type: List
attribute-name
Description ‘msisdn’: Clear using MSISDN; ‘imei’: Clear using IMEI; ‘imsi’: Clear using IMSI;
Type: string
Supported Values: msisdn, imei, imsi
Mutual Exclusion: attribute-name and custom-attribute-name are mutually exclusive
custom-attribute-name
Description Clear using customized attribute
Type: string
Maximum Length: 15 characters
Maximum Length: 1 characters
Mutual Exclusion: custom-attribute-name and attribute-name are mutually exclusive
encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)
listen-port
Description Configure the listen port of RADIUS server (Port number)
Type: number
Range: 1024-65535
remote
Description: remote is a JSON Block. Please see below for radius_server_remote
Type: Object
secret
Description Configure shared secret
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
secret-string
Description The RADIUS secret
Type: string
Format: password
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
vrid
Description Join a VRRP-A failover group
Type: number
Range: 1-31
radius_server_remote¶
Specification
Type
object
ip-list
Type: List
radius_server_remote_ip-list¶
Specification
Type
list
Block object keys
ip-list-encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)
ip-list-name
Description IP-list name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
ip-list-secret
Description Configure shared secret
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
ip-list-secret-string
Description The RADIUS secret
Type: string
Format: password
Maximum Length: 127 characters
Maximum Length: 1 characters
radius_server_attribute¶
Specification
Type
list
Block object keys
attribute-value
Description ‘inside-ipv6-prefix’: Framed IPv6 Prefix; ‘inside-ip’: Inside IP address; ‘inside-ipv6’: Inside IPv6 address; ‘imei’: International Mobile Equipment Identity (IMEI); ‘imsi’: International Mobile Subscriber Identity (IMSI); ‘msisdn’: Mobile Subscriber Integrated Services Digital Network-Number (MSISDN); ‘custom1’: Customized attribute 1; ‘custom2’: Customized attribute 2; ‘custom3’: Customized attribute 3; ‘custom4’: Customized attribute 4; ‘custom5’: Customized attribute 5; ‘custom6’: Customized attribute 6;
Type: string
Supported Values: inside-ipv6-prefix, inside-ip, inside-ipv6, imei, imsi, msisdn, custom1, custom2, custom3, custom4, custom5, custom6
custom-number
Description RADIUS attribute number
Type: number
Range: 1-255
custom-vendor
Description RADIUS vendor attribute information (RADIUS vendor ID)
Type: number
Range: 1-65535
name
Description Customized attribute name
Type: string
Maximum Length: 15 characters
Maximum Length: 1 characters
number
Description RADIUS attribute number
Type: number
Range: 1-255
prefix-length
Description ‘32’: Prefix length 32; ‘48’: Prefix length 48; ‘64’: Prefix length 64; ‘80’: Prefix length 80; ‘96’: Prefix length 96; ‘112’: Prefix length 112;
Type: string
Supported Values: 32, 48, 64, 80, 96, 112
prefix-number
Description RADIUS attribute number
Type: number
Range: 1-255
prefix-vendor
Description RADIUS vendor attribute information (RADIUS vendor ID)
Type: number
Range: 1-65535
value
Description ‘hexadecimal’: Type of attribute value is hexadecimal;
Type: string
Supported Values: hexadecimal
vendor
Description RADIUS vendor attribute information (RADIUS vendor ID)
Type: number
Range: 1-65535
clear-session-filter¶
Specification
Type
object
status
Description ‘disable’: Disable clear L4 session filter for fw (Default: disabled); ‘enable’: Enable clear L4 session filter for fw;
Type: string
Supported Values: disable, enable
Default: disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
per-instance¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
system-status¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
vrid¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
vrid
Description Vrrp group (VRRP-A vrid)
Type: number
Range: 1-31
limit-entry¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
rate-limit¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
gtp¶
Specification
Type
object
apn-log-periodicity
Description Periodic Logging Frequency(In Minutes)
Type: number
Range: 1-30
apn-prefix
Description: apn-prefix is a JSON Block. Please see below for gtp_apn-prefix
Type: Object
Refernce Object: /axapi/v3/fw/gtp/apn-prefix
apn-prefix-list
Description Class List (Class List Name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
echo-timeout
Description echo message timeout (minutes) (echo-timeout (default 2))
Type: number
Range: 1-261
Default: 2
gtp-value
Description ‘enable’: Enable GTP Inspection;
Type: string
Supported Values: enable
insertion-mode
Description ‘monitor’: Enable inline view-only mode; ‘skip-state-checks’: Enable skip stateful checks mode;
Type: string
Supported Values: monitor, skip-state-checks
ne-v4-log-periodicity
Description Periodic Logging Frequency(In Minutes)
Type: number
Range: 1-30
ne-v6-log-periodicity
Description Periodic Logging Frequency(In Minutes)
Type: number
Range: 1-30
network-element
Description: network-element is a JSON Block. Please see below for gtp_network-element
Type: Object
Refernce Object: /axapi/v3/fw/gtp/network-element
network-element-list-v4
Description Class List (Class List Name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
network-element-list-v6
Description Class List (Class List Name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
path-mgmt-logging
Description ‘enable-log’: Enable Log for Path Management;
Type: string
Supported Values: enable-log
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
gtp_network-element¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
gtp_apn-prefix¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
template¶
Specification
Type
object
logging-list
Type: List
Refernce Object: /axapi/v3/fw/template/logging/{name}
template_logging-list¶
Specification
Type
list
Block object keys
facility
Description ‘kernel’: 0: Kernel; ‘user’: 1: User-level; ‘mail’: 2: Mail; ‘daemon’: 3: System daemons; ‘security-authorization’: 4: Security/authorization; ‘syslog’: 5: Syslog internal; ‘line-printer’: 6: Line printer; ‘news’: 7: Network news; ‘uucp’: 8: UUCP subsystem; ‘cron’: 9: Time-related; ‘security-authorization-private’: 10: Private security/authorization; ‘ftp’: 11: FTP; ‘ntp’: 12: NTP; ‘audit’: 13: Audit; ‘alert’: 14: Alert; ‘clock’: 15: Clock-related; ‘local0’: 16: Local use 0; ‘local1’: 17: Local use 1; ‘local2’: 18: Local use 2; ‘local3’: 19: Local use 3; ‘local4’: 20: Local use 4; ‘local5’: 21: Local use 5; ‘local6’: 22: Local use 6; ‘local7’: 23: Local use 7;
Type: string
Supported Values: kernel, user, mail, daemon, security-authorization, syslog, line-printer, news, uucp, cron, security-authorization-private, ftp, ntp, audit, alert, clock, local0, local1, local2, local3, local4, local5, local6, local7
Default: local0
format
Description ‘ascii’: A10 Text logging format (ASCII); ‘cef’: Common Event Format for logging (default);
Type: string
Supported Values: ascii, cef
Default: cef
include-dest-fqdn
Description Include destination FQDN string
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
include-http
Description: include-http is a JSON Block. Please see below for template_logging-list_include-http
Type: Object
include-radius-attribute
Description: include-radius-attribute is a JSON Block. Please see below for template_logging-list_include-radius-attribute
Type: Object
log
Description: log is a JSON Block. Please see below for template_logging-list_log
Type: Object
merged-style
Description Merge creation and deletion of session logs to one
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description Logging Template Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
resolution
Description ‘seconds’: Logging timestamp resolution in seconds (default); ‘10-milliseconds’: Logging timestamp resolution in 10s of milli-seconds;
Type: string
Supported Values: seconds, 10-milliseconds
Default: seconds
rule
Description: rule is a JSON Block. Please see below for template_logging-list_rule
Type: Object
service-group
Description Bind a Service Group to the logging template (Service Group Name)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
severity
Description ‘emergency’: 0: Emergency; ‘alert’: 1: Alert; ‘critical’: 2: Critical; ‘error’: 3: Error; ‘warning’: 4: Warning; ‘notice’: 5: Notice; ‘informational’: 6: Informational; ‘debug’: 7: Debug;
Type: string
Supported Values: emergency, alert, critical, error, warning, notice, informational, debug
Default: informational
source-address
Description: source-address is a JSON Block. Please see below for template_logging-list_source-address
Type: Object
Refernce Object: /axapi/v3/fw/template/logging/{name}/source-address
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
template_logging-list_source-address¶
Specification
Type
object
ip
Description Specify source IP address
Type: string
Format: ipv4-address
ipv6
Description Specify source IPv6 address
Type: string
Format: ipv6-address
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
template_logging-list_include-radius-attribute¶
Specification
Type
object
attr-cfg
Type: List
framed-ipv6-prefix
Description Include radius attributes for the prefix
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
insert-if-not-existing
Description Configure what string is to be inserted for custom RADIUS attributes
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
no-quote
Description No quotation marks for RADIUS attributes in logs
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
prefix-length
Description ‘32’: Prefix length 32; ‘48’: Prefix length 48; ‘64’: Prefix length 64; ‘80’: Prefix length 80; ‘96’: Prefix length 96; ‘112’: Prefix length 112;
Type: string
Supported Values: 32, 48, 64, 80, 96, 112
zero-in-custom-attr
Description Insert 0000 for standard and custom attributes in log string
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
template_logging-list_include-radius-attribute_attr-cfg¶
Specification
Type
list
Block object keys
attr
Description ‘imei’: Include IMEI; ‘imsi’: Include IMSI; ‘msisdn’: Include MSISDN; ‘custom1’: Customized attribute 1; ‘custom2’: Customized attribute 2; ‘custom3’: Customized attribute 3; ‘custom4’: Customized attribute 4; ‘custom5’: Customized attribute 5; ‘custom6’: Customized attribute 6;
Type: string
Supported Values: imei, imsi, msisdn, custom1, custom2, custom3, custom4, custom5, custom6
attr-event
Description ‘http-requests’: Include in HTTP request logs; ‘sessions’: Include in session logs; ‘limit-policy’: Include in limit policy logs;
Type: string
Supported Values: http-requests, sessions, limit-policy
template_logging-list_rule¶
Specification
Type
object
rule-http-requests
Description: rule-http-requests is a JSON Block. Please see below for template_logging-list_rule_rule-http-requests
Type: Object
template_logging-list_rule_rule-http-requests¶
Specification
Type
object
dest-port
Type: List
disable-sequence-check
Description Disable http packet sequence check and don’t drop out of order packets
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
include-all-headers
Description Include all configured headers despite of absence in HTTP request
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
log-every-http-request
Description Log every HTTP request in an HTTP 1.1 session (Default: Log the first HTTP request in a session)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
max-url-len
Description Max length of URL log (Max URL length (Default: 128 char))
Type: number
Range: 100-1000
Default: 128
template_logging-list_rule_rule-http-requests_dest-port¶
Specification
Type
list
Block object keys
dest-port-number
Description
Type: number
Range: 1-65535
include-byte-count
Description Include the byte count of HTTP Request/Response in FW session deletion logs
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
template_logging-list_include-http¶
Specification
Type
object
file-extension
Description HTTP file extension
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
header-cfg
Type: List
l4-session-info
Description Log the L4 session information of the HTTP request
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
method
Description Log the HTTP Request Method
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
request-number
Description HTTP Request Number
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
template_logging-list_include-http_header-cfg¶
Specification
Type
list
Block object keys
custom-header-name
Description Header name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
custom-max-length
Description Max length for a HTTP request log (Max header length (Default: 100 char))
Type: number
Range: 100-1000
Default: 100
http-header
Description ‘cookie’: Log HTTP Cookie Header; ‘referer’: Log HTTP Referer Header; ‘user-agent’: Log HTTP User-Agent Header; ‘header1’: Log HTTP Header 1; ‘header2’: Log HTTP Header 2; ‘header3’: Log HTTP Header 3;
Type: string
Supported Values: cookie, referer, user-agent, header1, header2, header3
max-length
Description Max length for a HTTP request log (Max header length (Default: 100 char))
Type: number
Range: 100-1000
Default: 100
template_logging-list_log¶
Specification
Type
object
http-requests
Description ‘host’: Log the HTTP Host Header; ‘url’: Log the HTTP Request URL;
Type: string
Supported Values: host, url
status¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
full-cone-session¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
urpf¶
Specification
Type
object
status
Description ‘loose’: Perform loose check; ‘strict’: Perform strict check; ‘disable’: Disable check;
Type: string
Supported Values: loose, strict, disable
Default: loose
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
tap-monitor¶
Specification
Type
object
status
Description ‘enable’: Enable tap monitor mode; ‘disable’: Disable tap monitor mode (Default:Disable);
Type: string
Supported Values: enable, disable
Default: disable
tap-port-cfg
Type: List
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
tap-monitor_tap-port-cfg¶
Specification
Type
list
Block object keys
tap-eth
Description Ethernet interface number
Type: number
Format: interface
tap-vlan
Description Vlan number
Type: number
Range: 2-4096
local-log¶
Specification
Type
object
local-logging
Description Enable local logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
resource-usage¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
active-rule-set¶
Specification
Type
object
name
Description Rule set name
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/rule-set
override-nat-aging
Description Override NAT idle-timeout
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
session-aging
Description Session Aging Template
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/fw/session-aging
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
logging¶
Specification
Type
object
gtp
Description: gtp is a JSON Block. Please see below for logging_gtp
Type: Object
Refernce Object: /axapi/v3/fw/logging/gtp
name
Description Logging Template Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/fw/template/logging
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
logging_gtp¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
tcp-window-check¶
Specification
Type
object
status
Description ‘enable’: Enable TCP window check (default); ‘disable’: Disable TCP window check;
Type: string
Supported Values: enable, disable
Default: enable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
service-group-list¶
Specification
Type
list
Block object keys
health-check
Description Health Check (Monitor Name)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/health/monitor
member-list
Type: List
Refernce Object: /axapi/v3/fw/service-group/{name}/member/{name}+{port}
name
Description FW Service Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
protocol
Description ‘tcp’: TCP LB service; ‘udp’: UDP LB service;
Type: string
Supported Values: tcp, udp
traffic-replication-mirror-ip-repl
Description Replaces IP with server-IP
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
service-group-list_member-list¶
Specification
Type
list
Block object keys
name
Description Member name
Type: string
Format: comp-string
Maximum Length: 127 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/fw/server
port
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
helper-sessions¶
Specification
Type
object
idle-timeout
Description helper-sessions idle-timeout time (Idle-timeout in minutes (default: 1 minute))
Type: number
Range: 1-255
Default: 1
limit
Description Limit number of helper-sessions (Limit helper-sessions number)
Type: number
mode
Description ‘disable’: Disable helper-sessions;
Type: string
Supported Values: disable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
server-list¶
Specification
Type
list
Block object keys
action
Description ‘enable’: Enable this Real Server; ‘disable’: Disable this Real Server;
Type: string
Supported Values: enable, disable
Default: enable
fqdn-name
Description Server hostname
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
health-check
Description Health Check Monitor (Health monitor name)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: health-check and health-check-disable are mutually exclusive
Refernce Object: /axapi/v3/health/monitor
health-check-disable
Description Disable configured health check configuration
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: health-check-disable and health-check are mutually exclusive
host
Description IP Address
Type: string
Format: ipv4-address
name
Description Server Name
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
port-list
Type: List
Refernce Object: /axapi/v3/fw/server/{name}/port/{port-number}+{protocol}
resolve-as
Description ‘resolve-to-ipv4’: Use A Query only to resolve FQDN; ‘resolve-to-ipv6’: Use AAAA Query only to resolve FQDN; ‘resolve-to-ipv4-and-ipv6’: Use A as well as AAAA Query to resolve FQDN;
Type: string
Supported Values: resolve-to-ipv4, resolve-to-ipv6, resolve-to-ipv4-and-ipv6
Default: resolve-to-ipv4
server-ipv6-addr
Description IPV6 address
Type: string
Format: ipv6-address
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
server-list_port-list¶
Specification
Type
list
Block object keys
action
Description ‘enable’: enable; ‘disable’: disable;
Type: string
Supported Values: enable, disable
Default: enable
health-check
Description Health Check (Monitor Name)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: health-check and health-check-disable are mutually exclusive
Refernce Object: /axapi/v3/health/monitor
health-check-disable
Description Disable health check
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: health-check-disable and health-check are mutually exclusive
port-number
Description Port Number
Type: number
Range: 1-65534
protocol
Description ‘tcp’: TCP Port; ‘udp’: UDP Port;
Type: string
Supported Values: tcp, udp
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
session-aging-list¶
Specification
Type
list
Block object keys
icmp-idle-timeout
Description Idle Timeout time (default 2 seconds) (Second, default 2)
Type: number
Range: 2-15000
Default: 2
ip-idle-timeout
Description Idle Timeout time(sec), default is 30 (Second)
Type: number
Range: 1-2097151
Default: 30
name
Description session-aging Template (session-aging Template name)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp
Description: tcp is a JSON Block. Please see below for session-aging-list_tcp
Type: Object
Refernce Object: /axapi/v3/fw/session-aging/{name}/tcp
udp
Description: udp is a JSON Block. Please see below for session-aging-list_udp
Type: Object
Refernce Object: /axapi/v3/fw/session-aging/{name}/udp
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
session-aging-list_udp¶
Specification
Type
object
port-cfg
Type: List
udp-idle-timeout
Description Idle Timeout (sec), default is 120 (number)
Type: number
Range: 1-2097151
Default: 120
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
session-aging-list_udp_port-cfg¶
Specification
Type
list
Block object keys
udp-idle-timeout
Description Idle Timeout (sec), default is 120 (number)
Type: number
Range: 1-2097151
Default: 120
udp-port
Description
Type: number
Range: 1-65535
session-aging-list_tcp¶
Specification
Type
object
force-delete-timeout
Description The maximum time that a session can stay in the system before being deleted, default is off (number (second))
Type: number
Range: 1-31
Mutual Exclusion: force-delete-timeout and force-delete-timeout-100ms are mutually exclusive
force-delete-timeout-100ms
Description The maximum time that a session can stay in the system before being deleted, default is off (number in 100ms)
Type: number
Range: 1-31
Mutual Exclusion: force-delete-timeout-100ms and force-delete-timeout are mutually exclusive
half-close-idle-timeout
Description TCP Half Close Idle Timeout (sec), default is off (number)
Type: number
Range: 60-120
half-open-idle-timeout
Description TCP Half Open Idle Timeout (sec), default is off (number)
Type: number
Range: 1-60
port-cfg
Type: List
tcp-idle-timeout
Description Idle Timeout (sec), default is 600 (number)
Type: number
Range: 1-2097151
Default: 600
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
session-aging-list_tcp_port-cfg¶
Specification
Type
list
Block object keys
force-delete-timeout
Description The maximum time that a session can stay in the system before being deleted, default is off (number (second))
Type: number
Range: 1-31
Mutual Exclusion: force-delete-timeout and force-delete-timeout-100ms are mutually exclusive
force-delete-timeout-100ms
Description The maximum time that a session can stay in the system before being deleted, default is off (number in 100ms)
Type: number
Range: 1-31
Mutual Exclusion: force-delete-timeout-100ms and force-delete-timeout are mutually exclusive
half-close-idle-timeout
Description TCP Half Close Idle Timeout (sec), default is off (number)
Type: number
Range: 60-120
half-open-idle-timeout
Description TCP Half Open Idle Timeout (sec), default is off (number)
Type: number
Range: 1-60
tcp-idle-timeout
Description Idle Timeout (sec), default is 600 (number)
Type: number
Range: 1-2097151
tcp-port
Description
Type: number
Range: 1-65535
ddos-protection¶
Specification
Type
object
action
Description: action is a JSON Block. Please see below for ddos-protection_action
Type: Object
logging
Description: logging is a JSON Block. Please see below for ddos-protection_logging
Type: Object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
ddos-protection_action¶
Specification
Type
object
action-type
Description ‘drop’: Log, and drop all packets (default); ‘redistribute-route’: Log, Drop, and Notify upstream router to reroute the packets;
Type: string
Supported Values: drop, redistribute-route
Default: drop
expiration
Description To specify time in minutes to revert the action (Expiration time, in minutes (default is 5 mins))
Type: number
Range: 2-144000
Default: 5
expiration-route
Description To specify time in minutes to revert the action (Expiration time, in minutes (default is 60 mins))
Type: number
Range: 2-144000
Default: 60
remove-wait-timer
Description Max time to wait before removing IP from blackhole (Max value in seconds (default 300))
Type: number
Range: 0-300
Default: 300
route-map
Description Route map name
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
timer-multiply-max
Description To specify max value of timer multiplier for attacks lasted long time (Max value of timer multiplier (default is 6))
Type: number
Range: 1-100
Default: 6
ddos-protection_logging¶
Specification
Type
object
enable-action
Description ‘local’: Enable local logs only; ‘remote’: Enable logging to remote server & IPFIX; ‘both’: Enable both local & remote logs;
Type: string
Supported Values: local, remote, both
Default: local
logging-action
Description ‘enable’: enable FW DDoS protection logging; ‘disable’: Disable both local & remote FW DDoS protection logging;
Type: string
Supported Values: enable, disable
Default: enable
top-k-rules¶
Specification
Type
object
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters