.. _ip_anomaly_drop:

ip anomaly-drop
===============

Set IP anomaly drop policy

anomaly-drop Specification
--------------------------

=====================================  ========================================================
**Type**                               *Configuration Resource*
**Element Name**                       anomaly-drop
**Element URI**                        /axapi/v3/ip/anomaly-drop
**Element Attributes**                 anomaly-drop_attributes
**Statistics Data URI**                /axapi/v3/ip/anomaly-drop/stats
**Schema**                             :download:`anomaly-drop schema `
=====================================  ========================================================

**Operations Allowed:**

.. list-table::
   :header-rows: 1

   * - Operation
     - Method
     - URI
     - Payload
   * - Create Object
     - POST
     - /axapi/v3/ip/anomaly-drop
     - :ref:`509_anomaly-drop_attributes`
   * - Get Object
     - GET
     - /axapi/v3/ip/anomaly-drop
     - :ref:`509_anomaly-drop_attributes`
   * - Modify Object
     - POST
     - /axapi/v3/ip/anomaly-drop
     - :ref:`509_anomaly-drop_attributes`
   * - Replace Object
     - PUT
     - /axapi/v3/ip/anomaly-drop
     - :ref:`509_anomaly-drop_attributes`
   * - Delete Object
     - DELETE
     - /axapi/v3/ip/anomaly-drop
     - :ref:`509_anomaly-drop_attributes`

.. _509_anomaly-drop_attributes:

anomaly-drop attributes
-----------------------

**bad-content**

    **Description** bad content threshold (threshold value)

    **Type:** number

    **Range:** 1-127

**drop-all**

    **Description** drop all IP anomaly packets

    **Type:** boolean

    **Supported Values:** true, false, 1, 0

    **Default:** 0

**frag**

    **Description** drop all fragmented packets

    **Type:** boolean

    **Supported Values:** true, false, 1, 0

    **Default:** 0

**ip-option**

    **Description** drop packets with IP options

    **Type:** boolean

    **Supported Values:** true, false, 1, 0

    **Default:** 0

**land-attack**

    **Description** drop IP packets with the same source and destination addresses

    **Type:** boolean

    **Supported Values:** true, false, 1, 0

    **Default:** 0

**out-of-sequence**

    **Description** out of sequence packet threshold (threshold value)

    **Type:** number

    **Range:** 1-127

**packet-deformity**

    **Description:** packet-deformity is a **JSON Block**. Please see below for :ref:`509_packet-deformity`

    **Type:** Object

**ping-of-death**

    **Description** drop oversize ICMP packets

    **Type:** boolean

    **Supported Values:** true, false, 1, 0

    **Default:** 0

**sampling-enable**

    **Type:** List

**security-attack**

    **Description:** security-attack is a **JSON Block**. Please see below for :ref:`509_security-attack`

    **Type:** Object

**tcp-no-flag**

    **Description** drop TCP packets with no flag

    **Type:** boolean

    **Supported Values:** true, false, 1, 0

    **Default:** 0

**tcp-syn-fin**

    **Description** drop TCP packets with both syn and fin flags set

    **Type:** boolean

    **Supported Values:** true, false, 1, 0

    **Default:** 0

**tcp-syn-frag**

    **Description** drop fragmented TCP packets with syn flag set

    **Type:** boolean

    **Supported Values:** true, false, 1, 0

    **Default:** 0

**uuid**

    **Description** uuid of the object

    **Type:** string

    **Maximum Length:** 64 characters

    **Maximum Length:** 1 characters

**zero-window**

    **Description** zero window size threshold (threshold value)

    **Type:** number

    **Range:** 1-127

.. _509_security-attack:

security-attack
^^^^^^^^^^^^^^^

=============================== ===================================================
**Specification**
=============================== ===================================================
**Type**                        *object*
=============================== ===================================================

**security-attack-layer-3**

    **Description** drop packets with layer 3 anomaly

    **Type:** boolean

    **Supported Values:** true, false, 1, 0

    **Default:** 0

**security-attack-layer-4**

    **Description** drop packets with layer 4 anomaly

    **Type:** boolean

    **Supported Values:** true, false, 1, 0

    **Default:** 0

.. _509_packet-deformity:

packet-deformity
^^^^^^^^^^^^^^^^

=============================== ===================================================
**Specification**
=============================== ===================================================
**Type**                        *object*
=============================== ===================================================

**packet-deformity-layer-3**

    **Description** drop packets with layer 3 anomaly

    **Type:** boolean

    **Supported Values:** true, false, 1, 0

    **Default:** 0

**packet-deformity-layer-4**

    **Description** drop packets with layer 4 anomaly

    **Type:** boolean

    **Supported Values:** true, false, 1, 0

    **Default:** 0

.. _509_sampling-enable:

sampling-enable
^^^^^^^^^^^^^^^

=============================== ===================================================
**Specification**
=============================== ===================================================
**Type**                        *list*
**Block object keys**
=============================== ===================================================

**counters1**

    **Description** 'all': all; 'land': land; 'emp_frg': emp_frg; 'emp_mic_frg': emp_mic_frg; 'opt': opt; 'frg': frg; 'bad_ip_hdrlen': bad_ip_hdrlen; 'bad_ip_flg': bad_ip_flg; 'bad_ip_ttl': bad_ip_ttl; 'no_ip_payload': no_ip_payload; 'over_ip_payload': over_ip_payload; 'bad_ip_payload_len': bad_ip_payload_len; 'bad_ip_frg_offset': bad_ip_frg_offset; 'csum': csum; 'pod': pod; 'bad_tcp_urg_offset': bad_tcp_urg_offset; 'tcp_sht_hdr': tcp_sht_hdr; 'tcp_bad_iplen': tcp_bad_iplen; 'tcp_null_frg': tcp_null_frg; 'tcp_null_scan': tcp_null_scan; 'tcp_syn_fin': tcp_syn_fin; 'tcp_xmas': tcp_xmas; 'tcp_xmas_scan': tcp_xmas_scan; 'tcp_syn_frg': tcp_syn_frg; 'tcp_frg_hdr': tcp_frg_hdr; 'tcp_bad_csum': tcp_bad_csum; 'udp_srt_hdr': udp_srt_hdr; 'udp_bad_len': udp_bad_len; 'udp_kerb_frg': udp_kerb_frg; 'udp_port_lb': udp_port_lb; 'udp_bad_csum': udp_bad_csum; 'runt_ip_hdr': runt_ip_hdr; 'runt_tcp_udp_hdr': runt_tcp_udp_hdr; 'ipip_tnl_msmtch': ipip_tnl_msmtch; 'tcp_opt_err': tcp_opt_err; 'ipip_tnl_err': ipip_tnl_err; 'vxlan_err': vxlan_err; 'nvgre_err': nvgre_err; 'gre_pptp_err': gre_pptp_err;

    **Type:** string

    **Supported Values:** all, land, emp_frg, emp_mic_frg, opt, frg, bad_ip_hdrlen, bad_ip_flg, bad_ip_ttl, no_ip_payload, over_ip_payload, bad_ip_payload_len, bad_ip_frg_offset, csum, pod, bad_tcp_urg_offset, tcp_sht_hdr, tcp_bad_iplen, tcp_null_frg, tcp_null_scan, tcp_syn_fin, tcp_xmas, tcp_xmas_scan, tcp_syn_frg, tcp_frg_hdr, tcp_bad_csum, udp_srt_hdr, udp_bad_len, udp_kerb_frg, udp_port_lb, udp_bad_csum, runt_ip_hdr, runt_tcp_udp_hdr, ipip_tnl_msmtch, tcp_opt_err, ipip_tnl_err, vxlan_err, nvgre_err, gre_pptp_err

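The attribute types, ranges and supported values listed above can be checked before a policy is sent to ``/axapi/v3/ip/anomaly-drop``. The following is an added example, not part of the original reference or vendor code; the function names, the sample policy and the top-level ``anomaly-drop`` wrapper key (taken from the Element Name) are assumptions.

```python
BOOLEANS = {"drop-all", "frag", "ip-option", "land-attack", "ping-of-death",
            "tcp-no-flag", "tcp-syn-fin", "tcp-syn-frag"}
THRESHOLDS = {"bad-content", "out-of-sequence", "zero-window"}  # number, range 1-127
BLOCKS = {name: {f"{name}-layer-3", f"{name}-layer-4"}
          for name in ("security-attack", "packet-deformity")}
COUNTERS = tuple("""all land emp_frg emp_mic_frg opt frg bad_ip_hdrlen bad_ip_flg
    bad_ip_ttl no_ip_payload over_ip_payload bad_ip_payload_len bad_ip_frg_offset
    csum pod bad_tcp_urg_offset tcp_sht_hdr tcp_bad_iplen tcp_null_frg tcp_null_scan
    tcp_syn_fin tcp_xmas tcp_xmas_scan tcp_syn_frg tcp_frg_hdr tcp_bad_csum
    udp_srt_hdr udp_bad_len udp_kerb_frg udp_port_lb udp_bad_csum runt_ip_hdr
    runt_tcp_udp_hdr ipip_tnl_msmtch tcp_opt_err ipip_tnl_err vxlan_err nvgre_err
    gre_pptp_err""".split())

def _is_flag(v):  # supported values per the page: true, false, 1, 0
    return isinstance(v, bool) or (isinstance(v, int) and v in (0, 1))

def validate(attrs):
    """Return a list of problems; an empty list means attrs fits the spec."""
    errs = []
    for key, val in attrs.items():
        if key in BOOLEANS:
            if not _is_flag(val):
                errs.append(f"{key}: expected true/false/1/0")
        elif key in THRESHOLDS:
            # bool is an int subclass in Python, so reject it explicitly
            if isinstance(val, bool) or not isinstance(val, int) or not 1 <= val <= 127:
                errs.append(f"{key}: expected number in 1-127")
        elif key in BLOCKS:
            subs = val if isinstance(val, dict) else {None: None}
            errs += [f"{key}.{s}: not a documented boolean" for s, v in subs.items()
                     if s not in BLOCKS[key] or not _is_flag(v)]
        elif key == "sampling-enable":
            items = val if isinstance(val, list) else [None]
            errs += [f"sampling-enable: bad entry {i!r}" for i in items
                     if not isinstance(i, dict) or i.get("counters1") not in COUNTERS]
        elif key != "uuid":
            errs.append(f"{key}: unknown attribute")
    return errs

def build_payload(attrs):
    """Wrap validated attributes; the top-level key is an assumption (Element Name)."""
    problems = validate(attrs)
    if problems:
        raise ValueError("; ".join(problems))
    return {"anomaly-drop": attrs}

# Constructed sample policy, not taken from the page
SAMPLE = {"land-attack": 1, "ping-of-death": True, "zero-window": 10,
          "security-attack": {"security-attack-layer-3": 1},
          "sampling-enable": [{"counters1": "land"}, {"counters1": "pod"}]}
```

``build_payload(SAMPLE)`` returns the wrapped dictionary; a policy with an out-of-range threshold or a misspelled counter name raises ``ValueError`` listing each offending key.
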
.. _509_stats_data:

stats data
----------

.. list-table::
   :widths: 10 20 30 80
   :header-rows: 2
   :stub-columns: 1

   * -
     - Counter
     - Size
     - Description
   * -
     -
     -
     -
   * -
     - tcp_frg_hdr
     - 8
     - TCP Fragmented Header Drop
   * -
     - tcp_null_frg
     - 8
     - TCP Null Flags Drop
   * -
     - over_ip_payload
     - 8
     - Oversize IP Payload Drop
   * -
     - udp_bad_csum
     - 8
     - UDP Bad Checksum Drop
   * -
     - nvgre_err
     - 8
     - GRE Tunnel Error Drop
   * -
     - tcp_syn_fin
     - 8
     - TCP Syn and Fin Drop
   * -
     - udp_kerb_frg
     - 8
     - UDP Kerberos Fragment Drop
   * -
     - tcp_syn_frg
     - 8
     - TCP Syn Fragment Drop
   * -
     - tcp_bad_iplen
     - 8
     - TCP Bad IP Length Drop
   * -
     - ipip_tnl_err
     - 8
     - IP-over-IP Tunnel Error Drop
   * -
     - csum
     - 8
     - Bad IP Checksum Drop
   * -
     - tcp_xmas
     - 8
     - TCP XMAS Flags Drop
   * -
     - pod
     - 8
     - ICMP Ping of Death Drop
   * -
     - tcp_bad_csum
     - 8
     - TCP Bad Checksum Drop
   * -
     - emp_frg
     - 8
     - Empty Fragment Drop
   * -
     - frg
     - 8
     - IPv4 Fragment Drop
   * -
     - bad_ip_ttl
     - 8
     - Bad IP TTL Drop
   * -
     - bad_ip_frg_offset
     - 8
     - Bad IP Fragment Offset Drop
   * -
     - tcp_sht_hdr
     - 8
     - TCP Short Header Drop
   * -
     - tcp_xmas_scan
     - 8
     - TCP XMAS Scan Drop
   * -
     - no_ip_payload
     - 8
     - No IP Payload drop
   * -
     - udp_bad_len
     - 8
     - UDP Bad Length Drop
   * -
     - opt
     - 8
     - IPv4 Options Drop
   * -
     - vxlan_err
     - 8
     - VXLAN Tunnel Error Drop
   * -
     - bad_ip_payload_len
     - 8
     - Bad IP Payload Len Drop
   * -
     - runt_ip_hdr
     - 8
     - Runt IP Header Drop
   * -
     - runt_tcp_udp_hdr
     - 8
     - Runt TCP/UDP Header Drop
   * -
     - emp_mic_frg
     - 8
     - Micro Fragment Drop
   * -
     - bad_ip_hdrlen
     - 8
     - Bad IP Header Len Drop
   * -
     - tcp_null_scan
     - 8
     - TCP Null Scan Drop
   * -
     - land
     - 8
     - Land Attack Drop
   * -
     - tcp_opt_err
     - 8
     - TCP Option Error Drop
   * -
     - bad_ip_flg
     - 8
     - Bad IP Flags Drop
   * -
     - udp_srt_hdr
     - 8
     - UDP Short Header Drop
   * -
     - udp_port_lb
     - 8
     - UDP Port Loopback Drop
   * -
     - bad_tcp_urg_offset
     - 8
     - TCP Bad Urgent Offset Drop
   * -
     - gre_pptp_err
     - 8
     - GRE PPTP Error Drop
   * -
     - ipip_tnl_msmtch
     - 8
     - IP-over-IP Tunnel Mismatch Drop