ddos dst zone port¶
DDOS IP protocol configuration
port Specification¶
Parameter Value Type Intermediate Resource Element Name port Element URI /axapi/v3/ddos/dst/zone/{zone-name}/port Element Attributes port_attributes Partition Visibility shared Schema port schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Get Object | GET | /axapi/v3/ddos/dst/zone/{zone-name}/port | port_attributes |
port attributes¶
zone-service-list
Type: List
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}
zone-service-other-list
Type: List
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}
zone-service-list¶
Specification Value Type list Block object keys age
Description Idle age for ip entry
Type: number
Range: 2-1023
Default: 5
apply-policy-on-overflow
Description Enable this flag to apply overflow policy when dynamic entry count overflows
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
capture-config
Description: capture-config is a JSON Block. Please see below for zone-service-list_capture-config
Type: Object
default-action-list
Description Configure default-action-list
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/ddos/action-list
deny
Description Blacklist and Drop all incoming packets for protocol
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
dynamic-entry-count-warn-threshold
Description Set threshold percentage of “max-src-dst-entry” for generating warning logs. Including start and end.
Type: number
Range: 1-100
dynamic-entry-overflow-policy-list
enable-class-list-overflow
Description Apply class-list overflow policy upon exceeding dynamic entry count specified for zone-port or class-list
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
enable-top-k
Description Enable ddos top-k detection
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
enable-top-k-destination
Description Enable ddos top-k destination IP detection
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
faster-de-escalation
Description De-escalate faster in standalone mode
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
glid-cfg
Description: glid-cfg is a JSON Block. Please see below for zone-service-list_glid-cfg
Type: Object
ip-filtering-policy
Description Configure IP Filter
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/ddos/ip-filtering-policy
ip-filtering-policy-statistics
Description: ip-filtering-policy-statistics is a JSON Block. Please see below for zone-service-list_ip-filtering-policy-statistics
Type: Object
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/ip-filtering-policy-statistics
level-list
Type: List
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/level/{level-num}
manual-mode-enable
Description Toggle manual mode to use fix templates
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
manual-mode-list
Type: List
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/manual-mode/{config}
max-dynamic-entry-count
Description Maximum count for dynamic source zone service entry
Type: number
Range: 0-2147483647
outbound-only
Description Only allow outbound traffic
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
pattern-recognition
Description: pattern-recognition is a JSON Block. Please see below for zone-service-list_pattern-recognition
Type: Object
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/pattern-recognition
pattern-recognition-pu-details
Description: pattern-recognition-pu-details is a JSON Block. Please see below for zone-service-list_pattern-recognition-pu-details
Type: Object
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/pattern-recognition-pu-details
port-ind
Description: port-ind is a JSON Block. Please see below for zone-service-list_port-ind
Type: Object
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/port-ind
port-num
Description Port Number
Type: number
Range: 1-65535
protocol
Description ‘dns-tcp’: DNS-TCP Port; ‘dns-udp’: DNS-UDP Port; ‘http’: HTTP Port; ‘tcp’: TCP Port; ‘udp’: UDP Port; ‘ssl-l4’: SSL-L4 Port; ‘sip-udp’: SIP-UDP Port; ‘sip-tcp’: SIP-TCP Port; ‘quic’: QUIC Port;
Type: string
Supported Values: dns-tcp, dns-udp, http, tcp, udp, ssl-l4, sip-udp, sip-tcp, quic
sflow-common
Description Enable all sFlow polling options under this zone port
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: sflow-common,sflow-packets, sflow-tcp-basic, sflow-tcp-stateful, and sflow-http are mutually exclusive
sflow-http
Description Enable sFlow HTTP counter polling
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: sflow-http and sflow-common are mutually exclusive
sflow-packets
Description Enable sFlow packet-level counter polling
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: sflow-packets and sflow-common are mutually exclusive
sflow-tcp
Description: sflow-tcp is a JSON Block. Please see below for zone-service-list_sflow-tcp
Type: Object
signature-extraction
Description: signature-extraction is a JSON Block. Please see below for zone-service-list_signature-extraction
Type: Object
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/signature-extraction
src-based-policy-list
Type: List
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/src-based-policy/{src-based-policy-name}
stateful
Description Enable stateful tracking of sessions (Default is stateless)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
topk-destinations
Description: topk-destinations is a JSON Block. Please see below for zone-service-list_topk-destinations
Type: Object
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/topk-destinations
topk-dst-num-records
Description Maximum number of records to show in topk
Type: number
Range: 1-100
Default: 20
topk-dst-sort-key
Description ‘avg’: window average; ‘max-peak’: max peak;
Type: string
Supported Values: avg, max-peak
Default: avg
topk-num-records
Description Maximum number of records to show in topk
Type: number
Range: 1-100
Default: 20
topk-sort-key
Description ‘avg’: window average; ‘max-peak’: max peak;
Type: string
Supported Values: avg, max-peak
Default: avg
topk-sources
Description: topk-sources is a JSON Block. Please see below for zone-service-list_topk-sources
Type: Object
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/topk-sources
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
virtualhosts
Description: virtualhosts is a JSON Block. Please see below for zone-service-list_virtualhosts
Type: Object
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/virtualhosts
zone-service-list_pattern-recognition¶
Specification Value Type object algorithm
Description ‘heuristic’: heuristic algorithm;
Type: string
Supported Values: heuristic
capture-traffic
Description ‘all’: Capture all packets; ‘dropped’: Capture dropped packets (default);
Type: string
Supported Values: all, dropped
triggered-by
Description ‘zone-escalation’: Zone escalation trigger pattern recognition; ‘packet-rate-exceeds’: Packet rate limit exceeds trigger pattern recognition (default);
Type: string
Supported Values: zone-escalation, packet-rate-exceeds
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-service-list_dynamic-entry-overflow-policy-list¶
Specification Value Type list Block object keys action
Description ‘bypass’: Always permit for the Source to bypass all feature & limit checks; ‘deny’: Blacklist incoming packets for service;
Type: string
Supported Values: bypass, deny
dummy-name
Description ‘configuration’: Configure overflow policy;
Type: string
Supported Values: configuration
glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/glid
log-enable
Description Enable logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
log-periodic
Description Enable log periodic
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-template
Description: zone-template is a JSON Block. Please see below for zone-service-list_dynamic-entry-overflow-policy-list_zone-template
Type: Object
zone-service-list_dynamic-entry-overflow-policy-list_zone-template¶
Specification Value Type object dns
Description DDOS dns template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
encap
Description DDOS encap template (IPv6-over-IPv4 / IPv4-over-IPv6 are not supported.)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
http
Description DDOS http template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
logging
Description DDOS logging template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
quic
Description DDOS quic template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
sip
Description DDOS sip template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
ssl-l4
Description DDOS ssl-l4 template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp
Description DDOS tcp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
udp
Description DDOS udp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
zone-service-list_glid-cfg¶
Specification Value Type object action-list
Description Configure action-list to take
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: action-list and glid-action are mutually exclusive
Reference Object: /axapi/v3/ddos/action-list
glid
Description Global limit ID for the whole zone
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/glid
glid-action
Description ‘drop’: Drop packets for glid exceed (Default if default-action-list is not configured); ‘ignore’: Do nothing for glid exceed;
Type: string
Supported Values: drop, ignore
Mutual Exclusion: glid-action and action-list are mutually exclusive
per-addr-glid
Description Global limit ID per address
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/glid
zone-service-list_signature-extraction¶
Specification Value Type object algorithm
Description ‘heuristic’: heuristic algorithm;
Type: string
Supported Values: heuristic
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-service-list_level-list¶
Specification Value Type list Block object keys apply-extracted-filters
Description Apply extracted filters from this level
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
clear-sources-upon-deescalation
Description Clear sources upon de-escalation from level 1 to 0 or manual to 0
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
close-sessions-for-all-sources
Description Close session for all sources
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
close-sessions-for-unauth-sources
Description Close session for unauthenticated sources
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
glid-action
Description ‘drop’: Drop packets for glid exceed (Default); ‘blacklist-src’: Blacklist-src for glid exceed; ‘ignore’: Do nothing for glid exceed;
Type: string
Supported Values: drop, blacklist-src, ignore
indicator-list
Type: List
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/level/{level-num}/indicator/{type}
level-num
Description ‘0’: Default policy level; ‘1’: Policy level 1; ‘2’: Policy level 2; ‘3’: Policy level 3; ‘4’: Policy level 4;
Type: string
Supported Values: 0, 1, 2, 3, 4
src-default-glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/glid
src-escalation-score
Description Source activation score of this level
Type: number
Range: 1-1000000
src-violation-actions
Description Violation actions apply due to source escalate from this level
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/ddos/violation-actions
start-pattern-recognition
Description Start pattern recognition from this level
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-escalation-score
Description Zone activation score of this level
Type: number
Range: 1-1000000
zone-template
Description: zone-template is a JSON Block. Please see below for zone-service-list_level-list_zone-template
Type: Object
zone-violation-actions
Description Violation actions apply due to zone escalate from this level
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/ddos/violation-actions
zone-service-list_level-list_zone-template¶
Specification Value Type object dns
Description DDOS dns template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
encap
Description DDOS encap template (IPv6-over-IPv4 / IPv4-over-IPv6 are not supported.)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
http
Description DDOS http template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
quic
Description DDOS quic template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
sip
Description DDOS sip template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
ssl-l4
Description DDOS ssl-l4 template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp
Description DDOS tcp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
udp
Description DDOS udp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
zone-service-list_level-list_indicator-list¶
Specification Value Type list Block object keys data-packet-size
Description Expected minimal data size
Type: number
Range: 1-1500
score
Description Score corresponding to the indicator
Type: number
Range: 1-1000000
src-threshold-large-num
Description Indicator per-src threshold
Type: number
Range: 1-10995116277760
src-threshold-num
Description Indicator per-src threshold
Type: number
Range: 1-2147483647
src-threshold-str
Description Indicator per-src threshold
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
src-violation-actions
Description Violation actions to use when this src indicator threshold reaches
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/ddos/violation-actions
tcp-window-size
Description Expected minimal window size
Type: number
Range: 1-500
type
Description ‘pkt-rate’: rate of incoming packets; ‘pkt-drop-rate’: rate of packets got dropped; ‘pkt-drop-ratio’: ratio of incoming packet rate divided by the rate of dropping packets; ‘bytes-to-bytes-from-ratio’: ratio of incoming packet rate divided by the rate of outgoing packets; ‘concurrent-conns’: number of concurrent connections; ‘conn-miss-rate’: rate of incoming packets for which no previously established connection exists; ‘syn-rate’: rate on incoming SYN packets; ‘fin-rate’: rate on incoming FIN packets; ‘rst-rate’: rate of incoming RST packets; ‘small-window-ack-rate’: rate of small window advertisement; ‘empty-ack-rate’: rate of incoming packets which have no payload; ‘small-payload-rate’: rate of short payload packet; ‘syn-fin-ratio’: ratio of incoming SYN packet rate divided by the rate of incoming FIN packets; ‘cpu-utilization’: average data CPU utilization; ‘interface-utilization’: outside interface utilization;
Type: string
Supported Values: pkt-rate, pkt-drop-rate, bit-rate, pkt-drop-ratio, bytes-to-bytes-from-ratio, concurrent-conns, conn-miss-rate, syn-rate, fin-rate, rst-rate, small-window-ack-rate, empty-ack-rate, small-payload-rate, syn-fin-ratio, cpu-utilization, interface-utilization, learnt-sources
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-threshold-large-num
Description Threshold for the entire zone
Type: number
Range: 1-10995116277760
zone-threshold-num
Description Threshold for the entire zone
Type: number
Range: 1-2147483647
zone-threshold-str
Description Threshold for the entire zone
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
zone-violation-actions
Description Violation actions to use when this zone indicator threshold reaches
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/ddos/violation-actions
zone-service-list_virtualhosts¶
Specification Value Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
vhosts-config
Description ‘configuration’: configure virtualhost based mitigation for ssl services;
Type: string
Supported Values: configuration
virtualhost-list
Type: List
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/virtualhosts/virtualhost/{vhost}
zone-service-list_virtualhosts_virtualhost-list¶
Specification Value Type list Block object keys deny
Description Blacklist and Drop all incoming packets for protocol
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
glid-cfg
Description: glid-cfg is a JSON Block. Please see below for zone-service-list_virtualhosts_virtualhost-list_glid-cfg
Type: Object
level-list
servername
Type: Listservername-list
Description Class List to match servername (AC type Class List Name)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
servername-match-any
Description Match when there is no SNI or other servernames are not matched
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
servername-no-sni
Description Match when there is no SNI extension found
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
vhost
Description name for virtualhost
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
zone-service-list_virtualhosts_virtualhost-list_servername¶
Specification Value Type list Block object keys host-match-string
Description SNI String
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
match-type
Description ‘contains’: match servername extension when contains this string; ‘ends-with’: match servername extension when ends with this string; ‘equals’: match servername extension when equals this string; ‘starts-with’: match servername extension when starts with this string;
Type: string
Supported Values: contains, ends-with, equals, starts-with
zone-service-list_virtualhosts_virtualhost-list_glid-cfg¶
Specification Value Type object glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/glid
glid-action
Description ‘drop’: Drop packets for glid exceed; ‘ignore’: Do nothing for glid exceed;
Type: string
Supported Values: drop, ignore
zone-service-list_virtualhosts_virtualhost-list_level-list¶
Specification Value Type list Block object keys glid-action
Description ‘drop’: Drop packets for glid exceed (Default); ‘blacklist-src’: Blacklist-src for glid exceed; ‘ignore’: Do nothing for glid exceed;
Type: string
Supported Values: drop, blacklist-src, ignore
level-num
Description ‘0’: Default policy level;
Type: string
Supported Values: 0
src-default-glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/glid
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-template
Description: zone-template is a JSON Block. Please see below for zone-service-list_virtualhosts_virtualhost-list_level-list_zone-template
Type: Object
zone-service-list_virtualhosts_virtualhost-list_level-list_zone-template¶
Specification Value Type object ssl-l4
Description DDOS ssl-l4 template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp
Description DDOS tcp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
zone-service-list_manual-mode-list¶
Specification Value Type list Block object keys close-sessions-for-all-sources
Description Close session for all sources
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
config
Description ‘configuration’: Manual-mode configuration;
Type: string
Supported Values: configuration
glid-action
Description ‘drop’: Drop packets for glid exceed (Default); ‘blacklist-src’: Blacklist-src for glid exceed; ‘ignore’: Do nothing for glid exceed;
Type: string
Supported Values: drop, blacklist-src, ignore
src-default-glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/glid
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-template
Description: zone-template is a JSON Block. Please see below for zone-service-list_manual-mode-list_zone-template
Type: Object
zone-service-list_manual-mode-list_zone-template¶
Specification Value Type object dns
Description DDOS dns template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
encap
Description DDOS encap template (IPv6-over-IPv4 / IPv4-over-IPv6 are not supported.)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
http
Description DDOS http template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
quic
Description DDOS quic template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
sip
Description DDOS sip template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
ssl-l4
Description DDOS ssl-l4 template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp
Description DDOS tcp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
udp
Description DDOS udp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
zone-service-list_src-based-policy-list¶
Specification Value Type list Block object keys policy-class-list-list
src-based-policy-name
Description Specify name of the policy
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-service-list_src-based-policy-list_policy-class-list-list¶
Specification Value Type list Block object keys action
Description ‘bypass’: Always permit for the Source to bypass all feature & limit checks; ‘deny’: Blacklist incoming packets for service;
Type: string
Supported Values: bypass, deny
class-list-name
Description Class-list name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
class-list-overflow-policy-list
dynamic-entry-count-warn-threshold
Description Set threshold percentage of “max-src-dst-entry” for generating warning logs. Including start and end.
Type: number
Range: 1-100
glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/glid
glid-action
Description ‘drop’: Drop packets for glid exceed (Default); ‘blacklist-src’: Blacklist-src for glid exceed; ‘ignore’: Do nothing for glid exceed;
Type: string
Supported Values: drop, blacklist-src, ignore
log-enable
Description Enable logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
log-periodic
Description Enable log periodic
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
max-dynamic-entry-count
Description Maximum count for dynamic source zone service entry allowed for this class-list
Type: number
Range: 0-2147483647
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-template
Description: zone-template is a JSON Block. Please see below for zone-service-list_src-based-policy-list_policy-class-list-list_zone-template
Type: Object
zone-service-list_src-based-policy-list_policy-class-list-list_zone-template¶
Specification Value Type object dns
Description DDOS dns template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
encap
Description DDOS encap template (IPv6-over-IPv4 / IPv4-over-IPv6 are not supported.)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
http
Description DDOS http template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
logging
Description DDOS logging template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
quic
Description DDOS quic template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
sip
Description DDOS sip template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
ssl-l4
Description DDOS ssl-l4 template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp
Description DDOS tcp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
udp
Description DDOS udp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
zone-service-list_src-based-policy-list_policy-class-list-list_class-list-overflow-policy-list¶
Specification Value Type list Block object keys action
Description ‘bypass’: Always permit for the Source to bypass all feature & limit checks; ‘deny’: Blacklist incoming packets for service;
Type: string
Supported Values: bypass, deny
dummy-name
Description ‘configuration’: Configure overflow policy for class-list;
Type: string
Supported Values: configuration
glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/glid
log-enable
Description Enable logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
log-periodic
Description Enable log periodic
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-template
Description: zone-template is a JSON Block. Please see below for zone-service-list_src-based-policy-list_policy-class-list-list_class-list-overflow-policy-list_zone-template
Type: Object
zone-service-list_src-based-policy-list_policy-class-list-list_class-list-overflow-policy-list_zone-template¶
Specification Value Type object dns
Description DDOS dns template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
encap
Description DDOS encap template (IPv6-over-IPv4 / IPv4-over-IPv6 are not supported.)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
http
Description DDOS http template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
logging
Description DDOS logging template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
quic
Description DDOS quic template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
sip
Description DDOS sip template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
ssl-l4
Description DDOS ssl-l4 template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp
Description DDOS tcp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
udp
Description DDOS udp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
zone-service-list_pattern-recognition-pu-details¶
Specification Value Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-service-list_port-ind¶
Specification Value Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-service-list_ip-filtering-policy-statistics¶
Specification Value Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-service-list_sflow-tcp¶
Specification Value Type object sflow-tcp-basic
Description Enable sFlow basic TCP counter polling
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: sflow-tcp-basic and sflow-common are mutually exclusive
sflow-tcp-stateful
Description Enable sFlow stateful TCP counter polling
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: sflow-tcp-stateful and sflow-common are mutually exclusive
zone-service-list_topk-sources¶
Specification Value Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-service-list_capture-config¶
Specification Value Type object capture-config-mode
Description ‘drop’: Apply capture-config to dropped packets; ‘forward’: Apply capture-config to forwarded packets; ‘all’: Apply capture-config to both dropped and forwarded packets;
Type: string
Supported Values: drop, forward, all
capture-config-name
Description Capture-config name
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
zone-service-list_topk-destinations¶
Specification Value Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-service-other-list¶
Specification Value Type list Block object keys age
Description Idle age for ip entry
Type: number
Range: 2-1023
Default: 5
apply-policy-on-overflow
Description Enable this flag to apply overflow policy when dynamic entry count overflows
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
default-action-list
Description Configure default-action-list
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/ddos/action-list
deny
Description Blacklist and Drop all incoming packets for protocol
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
dynamic-entry-count-warn-threshold
Description Set threshold percentage of “max-src-dst-entry” for generating warning logs. Including start and end.
Type: number
Range: 1-100
dynamic-entry-overflow-policy-list
enable-class-list-overflow
Description Apply class-list overflow policy upon exceeding dynamic entry count specified for this zone port or each class-list
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
enable-top-k
Description Enable ddos top-k detection
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
enable-top-k-destination
Description Enable ddos top-k destination IP detection
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
faster-de-escalation
Description De-escalate faster in standalone mode
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
glid-cfg
Description: glid-cfg is a JSON Block. Please see below for zone-service-other-list_glid-cfg
Type: Object
ip-filtering-policy
Description Configure IP Filter
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/ddos/ip-filtering-policy
ip-filtering-policy-statistics
Description: ip-filtering-policy-statistics is a JSON Block. Please see below for zone-service-other-list_ip-filtering-policy-statistics
Type: Object
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}/ip-filtering-policy-statistics
level-list
Type: List
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}/level/{level-num}
manual-mode-enable
Description Toggle manual mode to use fix templates
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
manual-mode-list
Type: List
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}/manual-mode/{config}
max-dynamic-entry-count
Description Maximum count for dynamic source zone service entry
Type: number
Range: 0-2147483647
outbound-only
Description Only allow outbound traffic
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
pattern-recognition
Description: pattern-recognition is a JSON Block. Please see below for zone-service-other-list_pattern-recognition
Type: Object
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}/pattern-recognition
pattern-recognition-pu-details
Description: pattern-recognition-pu-details is a JSON Block. Please see below for zone-service-other-list_pattern-recognition-pu-details
Type: Object
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}/pattern-recognition-pu-details
port-ind
Description: port-ind is a JSON Block. Please see below for zone-service-other-list_port-ind
Type: Object
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}/port-ind
port-other
Description ‘other’: other;
Type: string
Supported Values: other
protocol
Description ‘tcp’: TCP Port; ‘udp’: UDP Port;
Type: string
Supported Values: tcp, udp
sflow-common
Description Enable all sFlow polling options under this zone port
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: sflow-common,sflow-packets, sflow-tcp-basic, and sflow-tcp-stateful are mutually exclusive
sflow-packets
Description Enable sFlow packet-level counter polling
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: sflow-packets and sflow-common are mutually exclusive
sflow-tcp
Description: sflow-tcp is a JSON Block. Please see below for zone-service-other-list_sflow-tcp
Type: Object
src-based-policy-list
stateful
Description Enable stateful tracking of sessions (Default is stateless)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
topk-destinations
Description: topk-destinations is a JSON Block. Please see below for zone-service-other-list_topk-destinations
Type: Object
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}/topk-destinations
topk-dst-num-records
Description Maximum number of records to show in topk
Type: number
Range: 1-100
Default: 20
topk-dst-sort-key
Description ‘avg’: window average; ‘max-peak’: max peak;
Type: string
Supported Values: avg, max-peak
Default: avg
topk-num-records
Description Maximum number of records to show in topk
Type: number
Range: 1-100
Default: 20
topk-sort-key
Description ‘avg’: window average; ‘max-peak’: max peak;
Type: string
Supported Values: avg, max-peak
Default: avg
topk-sources
Description: topk-sources is a JSON Block. Please see below for zone-service-other-list_topk-sources
Type: Object
Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service-other/{port-other}+{protocol}/topk-sources
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-service-other-list_pattern-recognition¶
Specification Value Type object algorithm
Description ‘heuristic’: heuristic algorithm;
Type: string
Supported Values: heuristic
capture-traffic
Description ‘all’: Capture all packets; ‘dropped’: Capture dropped packets (default);
Type: string
Supported Values: all, dropped
triggered-by
Description ‘zone-escalation’: Zone escalation trigger pattern recognition; ‘packet-rate-exceeds’: Packet rate limit exceeds trigger pattern recognition (default);
Type: string
Supported Values: zone-escalation, packet-rate-exceeds
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-service-other-list_dynamic-entry-overflow-policy-list¶
Specification Value Type list Block object keys action
Description ‘bypass’: Always permit for the Source to bypass all feature & limit checks; ‘deny’: Blacklist incoming packets for service;
Type: string
Supported Values: bypass, deny
dummy-name
Description ‘configuration’: Configure overflow policy;
Type: string
Supported Values: configuration
glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/glid
log-enable
Description Enable logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
log-periodic
Description Enable log periodic
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-template
Description: zone-template is a JSON Block. Please see below for zone-service-other-list_dynamic-entry-overflow-policy-list_zone-template
Type: Object
zone-service-other-list_dynamic-entry-overflow-policy-list_zone-template¶
Specification Value Type object dns
Description DDOS dns template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
encap
Description DDOS encap template (IPv6-over-IPv4 / IPv4-over-IPv6 are not supported.)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
http
Description DDOS http template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
logging
Description DDOS logging template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
sip
Description DDOS sip template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
ssl-l4
Description DDOS ssl-l4 template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp
Description DDOS tcp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
udp
Description DDOS udp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
zone-service-other-list_glid-cfg¶
Specification Value Type object action-list
Description Configure action-list to take
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Mutual Exclusion: action-list and glid-action are mutually exclusive
Reference Object: /axapi/v3/ddos/action-list
glid
Description Global limit ID for the whole zone
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/glid
glid-action
Description ‘drop’: Drop packets for glid exceed (Default if default-action-list is not configured); ‘ignore’: Do nothing for glid exceed;
Type: string
Supported Values: drop, ignore
Mutual Exclusion: glid-action and action-list are mutually exclusive
per-addr-glid
Description Global limit ID per address
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/glid
zone-service-other-list_level-list¶
Specification Value Type list Block object keys apply-extracted-filters
Description Apply extracted filters from this level
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
clear-sources-upon-deescalation
Description Clear sources upon de-escalation from level 1 to 0 or manual to 0
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
close-sessions-for-all-sources
Description Close session for all sources
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
close-sessions-for-unauth-sources
Description Close session for unauthenticated sources
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
glid-action
Description ‘drop’: Drop packets for glid exceed (Default); ‘blacklist-src’: Blacklist-src for glid exceed; ‘ignore’: Do nothing for glid exceed;
Type: string
Supported Values: drop, blacklist-src, ignore
indicator-list
level-num
Description ‘0’: Default policy level; ‘1’: Policy level 1; ‘2’: Policy level 2; ‘3’: Policy level 3; ‘4’: Policy level 4;
Type: string
Supported Values: 0, 1, 2, 3, 4
src-default-glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/glid
src-escalation-score
Description Source activation score of this level
Type: number
Range: 1-1000000
src-violation-actions
Description Violation actions apply due to source escalate from this level
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/ddos/violation-actions
start-pattern-recognition
Description Start pattern recognition from this level
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-escalation-score
Description Zone activation score of this level
Type: number
Range: 1-1000000
zone-template
Description: zone-template is a JSON Block. Please see below for zone-service-other-list_level-list_zone-template
Type: Object
zone-violation-actions
Description Violation actions apply due to zone escalate from this level
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/ddos/violation-actions
zone-service-other-list_level-list_zone-template¶
Specification Value Type object encap
Description DDOS encap template (IPv6-over-IPv4 / IPv4-over-IPv6 are not supported.)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp
Description DDOS tcp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
udp
Description DDOS udp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
zone-service-other-list_level-list_indicator-list¶
Specification Value Type list Block object keys data-packet-size
Description Expected minimal data size
Type: number
Range: 1-1500
score
Description Score corresponding to the indicator
Type: number
Range: 1-1000000
src-threshold-large-num
Description Indicator per-src threshold
Type: number
Range: 1-10995116277760
src-threshold-num
Description Indicator per-src threshold
Type: number
Range: 1-2147483647
src-threshold-str
Description Indicator per-src threshold
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
src-violation-actions
Description Violation actions to use when this src indicator threshold reaches
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/ddos/violation-actions
tcp-window-size
Description Expected minimal window size
Type: number
Range: 1-500
type
Description ‘pkt-rate’: rate of incoming packets; ‘pkt-drop-rate’: rate of packets got dropped; ‘pkt-drop-ratio’: ratio of incoming packet rate divided by the rate of dropping packets; ‘bytes-to-bytes-from-ratio’: ratio of incoming packet rate divided by the rate of outgoing packets; ‘concurrent-conns’: number of concurrent connections; ‘conn-miss-rate’: rate of incoming packets for which no previously established connection exists; ‘syn-rate’: rate on incoming SYN packets; ‘fin-rate’: rate on incoming FIN packets; ‘rst-rate’: rate of incoming RST packets; ‘small-window-ack-rate’: rate of small window advertisement; ‘empty-ack-rate’: rate of incoming packets which have no payload; ‘small-payload-rate’: rate of short payload packet; ‘syn-fin-ratio’: ratio of incoming SYN packet rate divided by the rate of incoming FIN packets; ‘cpu-utilization’: average data CPU utilization; ‘interface-utilization’: outside interface utilization;
Type: string
Supported Values: pkt-rate, pkt-drop-rate, bit-rate, pkt-drop-ratio, bytes-to-bytes-from-ratio, concurrent-conns, conn-miss-rate, syn-rate, fin-rate, rst-rate, small-window-ack-rate, empty-ack-rate, small-payload-rate, syn-fin-ratio, cpu-utilization, interface-utilization, learnt-sources
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-threshold-large-num
Description Threshold for the entire zone
Type: number
Range: 1-10995116277760
zone-threshold-num
Description Threshold for the entire zone
Type: number
Range: 1-2147483647
zone-threshold-str
Description Threshold for the entire zone
Type: string
Maximum Length: 128 characters
Maximum Length: 1 characters
zone-violation-actions
Description Violation actions to use when this zone indicator threshold reaches
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/ddos/violation-actions
zone-service-other-list_manual-mode-list¶
Specification Value Type list Block object keys close-sessions-for-all-sources
Description Close session for all sources
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
config
Description ‘configuration’: Manual-mode configuration;
Type: string
Supported Values: configuration
glid-action
Description ‘drop’: Drop packets for glid exceed (Default); ‘blacklist-src’: Blacklist-src for glid exceed; ‘ignore’: Do nothing for glid exceed;
Type: string
Supported Values: drop, blacklist-src, ignore
src-default-glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/glid
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-template
Description: zone-template is a JSON Block. Please see below for zone-service-other-list_manual-mode-list_zone-template
Type: Object
zone-service-other-list_manual-mode-list_zone-template¶
Specification Value Type object encap
Description DDOS encap template (IPv6-over-IPv4 / IPv4-over-IPv6 are not supported.)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp
Description DDOS tcp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
udp
Description DDOS udp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
zone-service-other-list_src-based-policy-list¶
Specification Value Type list Block object keys policy-class-list-list
src-based-policy-name
Description Specify name of the policy
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-service-other-list_src-based-policy-list_policy-class-list-list¶
Specification Value Type list Block object keys action
Description ‘bypass’: Always permit for the Source to bypass all feature & limit checks; ‘deny’: Blacklist incoming packets for service;
Type: string
Supported Values: bypass, deny
class-list-name
Description Class-list name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
class-list-overflow-policy-list
dynamic-entry-count-warn-threshold
Description Set threshold percentage of “max-src-dst-entry” for generating warning logs. Including start and end.
Type: number
Range: 1-100
glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/glid
glid-action
Description ‘drop’: Drop packets for glid exceed (Default); ‘blacklist-src’: Blacklist-src for glid exceed; ‘ignore’: Do nothing for glid exceed;
Type: string
Supported Values: drop, blacklist-src, ignore
max-dynamic-entry-count
Description Maximum count for dynamic source zone service entry allowed for this class-list
Type: number
Range: 0-2147483647
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-template
Description: zone-template is a JSON Block. Please see below for zone-service-other-list_src-based-policy-list_policy-class-list-list_zone-template
Type: Object
zone-service-other-list_src-based-policy-list_policy-class-list-list_zone-template¶
Specification Value Type object encap
Description DDOS encap template (IPv6-over-IPv4 / IPv4-over-IPv6 are not supported.)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
logging
Description DDOS logging template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp
Description DDOS tcp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
udp
Description DDOS udp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
zone-service-other-list_src-based-policy-list_policy-class-list-list_class-list-overflow-policy-list¶
Specification Value Type list Block object keys action
Description ‘bypass’: Always permit for the Source to bypass all feature & limit checks; ‘deny’: Blacklist incoming packets for service;
Type: string
Supported Values: bypass, deny
dummy-name
Description ‘configuration’: Configure overflow policy for class-list;
Type: string
Supported Values: configuration
glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/glid
log-enable
Description Enable logging
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
log-periodic
Description Enable log periodic
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-template
Description: zone-template is a JSON Block. Please see below for zone-service-other-list_src-based-policy-list_policy-class-list-list_class-list-overflow-policy-list_zone-template
Type: Object
zone-service-other-list_src-based-policy-list_policy-class-list-list_class-list-overflow-policy-list_zone-template¶
Specification Value Type object dns
Description DDOS dns template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
encap
Description DDOS encap template (IPv6-over-IPv4 / IPv4-over-IPv6 are not supported.)
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
http
Description DDOS http template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
logging
Description DDOS logging template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
sip
Description DDOS sip template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
ssl-l4
Description DDOS ssl-l4 template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
tcp
Description DDOS tcp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
udp
Description DDOS udp template
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
zone-service-other-list_pattern-recognition-pu-details¶
Specification Value Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-service-other-list_port-ind¶
Specification Value Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-service-other-list_ip-filtering-policy-statistics¶
Specification Value Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-service-other-list_sflow-tcp¶
Specification Value Type object sflow-tcp-basic
Description Enable sFlow basic TCP counter polling
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: sflow-tcp-basic and sflow-common are mutually exclusive
sflow-tcp-stateful
Description Enable sFlow stateful TCP counter polling
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: sflow-tcp-stateful and sflow-common are mutually exclusive
zone-service-other-list_topk-sources¶
Specification Value Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
zone-service-other-list_topk-destinations¶
Specification Value Type object uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters