ddos dst entry port¶

DDOS Port & Protocol configuration

port Specification¶

Parameter Value

Type Collection

Object Key(s) port-num, protocol

Collection Name port-list

Collection URI /axapi/v3/ddos/dst/entry/{dst-entry-name}/port

Element Name port

Element URI /axapi/v3/ddos/dst/entry/{dst-entry-name}/port/{port-num}+{protocol}

Element Attributes port_attributes

Partition Visibility shared

Statistics Data URI /axapi/v3/ddos/dst/entry/{dst-entry-name}/port/{port-num}+{protocol}/stats

Operational Data URI /axapi/v3/ddos/dst/entry/{dst-entry-name}/port/{port-num}+{protocol}/oper

Schema port schema

Operations Allowed:

Operation	Method	URI	Payload
Create Object	POST	/axapi/v3/ddos/dst/entry/{dst-entry-name}/port	port attributes
Create List	POST	/axapi/v3/ddos/dst/entry/{dst-entry-name}/port	port attributes
Get Object	GET	/axapi/v3/ddos/dst/entry/{dst-entry-name}/port/{port-num}+{protocol}	port attributes
Get List	GET	/axapi/v3/ddos/dst/entry/{dst-entry-name}/port	port-list
Modify Object	POST	/axapi/v3/ddos/dst/entry/{dst-entry-name}/port/{port-num}+{protocol}	port attributes
Replace Object	PUT	/axapi/v3/ddos/dst/entry/{dst-entry-name}/port/{port-num}+{protocol}	port attributes
Replace List	PUT	/axapi/v3/ddos/dst/entry/{dst-entry-name}/port	port-list
Delete Object	DELETE	/axapi/v3/ddos/dst/entry/{dst-entry-name}/port/{port-num}+{protocol}	port attributes

port-list¶

port-list is JSON List of port attributes

port-list : [

{ port attributes },

{ port attributes },

…

]

port attributes¶

capture-config

Description: capture-config is a JSON Block. Please see below for capture-config

Type: Object

deny

Description Blacklist and Drop all incoming packets for protocol

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

detection-enable

Description Enable ddos detection

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

dns-cache

Description DNS Cache Instance

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/ddos/dns-cache

enable-top-k

Description Enable ddos top-k entries

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

glid

Description Global limit ID

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/glid

glid-exceed-action

Description: glid-exceed-action is a JSON Block. Please see below for glid-exceed-action

Type: Object

pattern-recognition

Description: pattern-recognition is a JSON Block. Please see below for pattern-recognition

Type: Object

Reference Object: /axapi/v3/ddos/dst/entry/{dst-entry-name}/port/{port-num}+{protocol}/pattern-recognition

pattern-recognition-pu-details

Description: pattern-recognition-pu-details is a JSON Block. Please see below for pattern-recognition-pu-details

Type: Object

Reference Object: /axapi/v3/ddos/dst/entry/{dst-entry-name}/port/{port-num}+{protocol}/pattern-recognition-pu-details

port-ind

Description: port-ind is a JSON Block. Please see below for port-ind

Type: Object

Reference Object: /axapi/v3/ddos/dst/entry/{dst-entry-name}/port/{port-num}+{protocol}/port-ind

port-num

Description Port Number

Type: number

Range: 0-65535

protocol

Description ‘dns-tcp’: DNS-TCP Port; ‘dns-udp’: DNS-UDP Port; ‘http’: HTTP Port; ‘tcp’: TCP Port; ‘udp’: UDP Port; ‘ssl-l4’: SSL-L4 Port; ‘sip-udp’: SIP-UDP Port; ‘sip-tcp’: SIP-TCP Port;

Type: string

Supported Values: dns-tcp, dns-udp, http, tcp, udp, ssl-l4, sip-udp, sip-tcp

sflow

Description: sflow is a JSON Block. Please see below for sflow

Type: Object

signature-extraction

Description: signature-extraction is a JSON Block. Please see below for signature-extraction

Type: Object

Reference Object: /axapi/v3/ddos/dst/entry/{dst-entry-name}/port/{port-num}+{protocol}/signature-extraction

template

Description: template is a JSON Block. Please see below for template

Type: Object

topk-num-records

Description Maximum number of records to show in topk

Type: number

Range: 1-100

Default: 20

topk-sort-key

Description ‘avg’: window average; ‘max-peak’: max peak;

Type: string

Supported Values: avg, max-peak

Default: avg

topk-sources

Description: topk-sources is a JSON Block. Please see below for topk-sources

Type: Object

Reference Object: /axapi/v3/ddos/dst/entry/{dst-entry-name}/port/{port-num}+{protocol}/topk-sources

user-tag

Description Customized tag

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

pattern-recognition¶

Specification Value

Type object

algorithm

Description ‘heuristic’: heuristic algorithm;

Type: string

Supported Values: heuristic

mode

Description ‘capture-never-expire’: War-time capture without rate exceeding and never expires; ‘manual’: Manual mode;

Type: string

Supported Values: capture-never-expire, manual

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

sflow¶

Specification Value

Type object

polling

Description: polling is a JSON Block. Please see below for sflow_polling

Type: Object

sflow_polling¶

Specification Value

Type object

sflow-http

Description Enable sFlow HTTP counter polling

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

sflow-packets

Description Enable sFlow packet-level counter polling

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

sflow-tcp

Description: sflow-tcp is a JSON Block. Please see below for sflow_polling_sflow-tcp

Type: Object

sflow_polling_sflow-tcp¶

Specification Value

Type object

sflow-tcp-basic

Description Enable sFlow basic TCP counter polling

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

sflow-tcp-stateful

Description Enable sFlow stateful TCP counter polling

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

capture-config¶

Specification Value

Type object

capture-config-mode

Description ‘drop’: Apply capture-config to dropped packets; ‘forward’: Apply capture-config to forwarded packets; ‘all’: Apply capture-config to both dropped and forwarded packets;

Type: string

Supported Values: drop, forward, all

capture-config-name

Description Capture-config name

Type: string

Format: string-rlx

Maximum Length: 128 characters

Maximum Length: 1 characters

pattern-recognition-pu-details¶

Specification Value

Type object

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

port-ind¶

Specification Value

Type object

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

signature-extraction¶

Specification Value

Type object

algorithm

Description ‘heuristic’: heuristic algorithm;

Type: string

Supported Values: heuristic

manual-mode

Description Enable manual mode

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

template¶

Specification Value

Type object

dns

Description DDOS dns template

Type: string

Format: string-rlx

Maximum Length: 128 characters

Maximum Length: 1 characters

http

Description DDOS http template

Type: string

Format: string-rlx

Maximum Length: 128 characters

Maximum Length: 1 characters

sip

Description DDOS sip template

Type: string

Format: string-rlx

Maximum Length: 128 characters

Maximum Length: 1 characters

ssl-l4

Description DDOS SSL-L4 template

Type: string

Format: string-rlx

Maximum Length: 128 characters

Maximum Length: 1 characters

tcp

Description DDOS tcp template

Type: string

Format: string-rlx

Maximum Length: 128 characters

Maximum Length: 1 characters

udp

Description DDOS udp template

Type: string

Format: string-rlx

Maximum Length: 128 characters

Maximum Length: 1 characters

glid-exceed-action¶

Specification Value

Type object

stateless-encap-action-cfg

Description: stateless-encap-action-cfg is a JSON Block. Please see below for glid-exceed-action_stateless-encap-action-cfg

Type: Object

glid-exceed-action_stateless-encap-action-cfg¶

Specification Value

Type object

encap-template

Description Apply legacy encap template for encap action

Type: string

Format: string-rlx

Maximum Length: 128 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/ddos/template/encap

stateless-encap-action

Description ‘stateless-tunnel-encap’: Encapsulate all packets; ‘stateless-tunnel-encap-scrubbed’: Encapsulate all packets and allow packets to go through other DDoS checks before sent (conn-limit exceeded packet can not be scrubbed, it will default to stateless-tunnel-encap);

Type: string

Supported Values: stateless-tunnel-encap, stateless-tunnel-encap-scrubbed

topk-sources¶

Specification Value

Type object

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters