fw tcp¶
Firewall TCP parameters
tcp Specification¶
Parameter Value Type Intermediate Resource Element Name tcp Element URI /axapi/v3/fw/tcp Element Attributes tcp_attributes Partition Visibility shared Schema tcp schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
| Get Object | GET | /axapi/v3/fw/tcp | tcp_attributes | 
tcp attributes¶
mss-clamp
Description: mss-clamp is a JSON Block. Please see below for mss-clamp
Type: Object
Reference Object: /axapi/v3/fw/tcp/mss-clamp
reset-on-error
Description: reset-on-error is a JSON Block. Please see below for reset-on-error
Type: Object
Reference Object: /axapi/v3/fw/tcp/reset-on-error
syn-cookie
Description: syn-cookie is a JSON Block. Please see below for syn-cookie
Type: Object
Reference Object: /axapi/v3/fw/tcp/syn-cookie
mss-clamp¶
Specification Value Type object min
Description Specify the min value allowed for the TCP MSS (Specify the min value allowed for the TCP MSS (default: ((576 - 60 - 60))))
Type: number
Range: 0-1460
Default: 456
mss-clamp-type
Description ‘fixed’: Specify a fixed max value for the TCP MSS; ‘subtract’: Specify the value to subtract from the TCP MSS;
Type: string
Supported Values: fixed, subtract
mss-subtract
Description Specify the value to subtract from the TCP MSS (default: not configured)
Type: number
Range: 0-1460
mss-value
Description The max value allowed for the TCP MSS (default: not configured)}
Type: number
Range: 0-1460
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
reset-on-error¶
Specification Value Type object enable
Description Enable send TCP reset on error
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
outbound
Description ‘enable’: Enable send TCP reset on error;
Type: string
Supported Values: enable
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
syn-cookie¶
Specification Value Type object sampling-enable
Type: Listsyn-cookie-enable
Description Enable Firewall Syn-Cookie Protection
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
syn-cookie-on-threshold
Description on-threshold for Syn-cookie (Decimal number)
Type: number
Range: 1-1000000
syn-cookie-on-timeout
Description on-timeout for Syn-cookie (Timeout in seconds, default is 120 seconds (2 minutes))
Type: number
Range: 1-300000
Default: 120
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
syn-cookie_sampling-enable¶
Specification Value Type list Block object keys counters1
Description ‘all’: all; ‘syn_ack_sent’: SYN cookie SYN ACK sent; ‘verification_passed’: SYN cookie verification passed; ‘verification_failed’: SYN cookie verification failed; ‘conn_setup_failed’: SYN cookie connection setup failed;
Type: string
Supported Values: all, syn_ack_sent, verification_passed, verification_failed, conn_setup_failed