{ "id":"/axapi/v3/ddos/zone-template/udp/{name}", "type":"object", "node-type":"list", "title":"udp", "partition-visibility":"shared", "description":"UDP template configuration", "properties":{ "name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"DDOS UDP Template Name", "optional":false }, "age":{ "type":"number", "format":"number", "minimum":1, "maximum":63, "default":2, "partition-visibility":"shared", "description":"Configure session age(in minutes) for UDP sessions", "optional":true }, "per-conn-pkt-rate-cfg":{ "type":"object", "properties":{ "per-conn-pkt-rate-limit":{ "type":"number", "format":"number", "minimum":1, "maximum":16000000, "partition-visibility":"shared", "description":"Packet rate limit per connection per rate-interval" }, "per-conn-pkt-rate-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/action-list", "not":"per-conn-pkt-rate-action", "description":"Configure action-list to take for per-conn-pkt-rate exceed" }, "per-conn-pkt-rate-action":{ "type":"string", "format":"enum", "default":"drop", "partition-visibility":"shared", "not":"per-conn-pkt-rate-action-list-name", "description":"'drop': Drop packets for per-conn-pkt-rate exceed (Default); 'blacklist-src': help Blacklist-src for per-conn-pkt-rate exceed; 'ignore': Ignore per-conn-pkt-rate-exceed; ", "enum":[ "drop", "blacklist-src", "ignore" ] } } }, "per-conn-rate-interval":{ "type":"string", "format":"enum", "default":"1sec", "partition-visibility":"shared", "description":"'100ms': 100ms; '1sec': 1sec; ", "enum":[ "100ms", "1sec" ], "optional":true }, "filter-match-type":{ "type":"string", "format":"enum", "default":"default", "partition-visibility":"shared", "description":"'default': Stop matching on drop/blacklist action; 'stop-on-first-match': Stop matching on first match; ", "enum":[ "default", "stop-on-first-match" ], "optional":true }, "spoof-detect-retry-timeout":{ "type":"number", "format":"number", "minimum":1, "maximum":31, "partition-visibility":"shared", "description":"Timeout in seconds", "optional":true }, "spoof-detect-min-delay-interval":{ "type":"string", "format":"enum", "default":"1sec", "partition-visibility":"shared", "description":"'100ms': 100ms; '1sec': 1sec; ", "enum":[ "100ms", "1sec" ], "optional":true }, "spoof-detect-min-delay":{ "type":"number", "format":"number", "minimum":1, "maximum":80, "partition-visibility":"shared", "description":"Optional minimum delay between UDP retransmits for authentication to pass, unit is specified by min-delay-interval", "optional":true }, "spoof-detect-pass-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "not":"spoof-detect-pass-action", "description":"Configure action-list to take for passing the authentication", "optional":true }, "spoof-detect-pass-action":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"spoof-detect-pass-action-list-name", "description":"'authenticate-src': authenticate-src (Default); ", "enum":[ "authenticate-src" ], "optional":true }, "spoof-detect-fail-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "not":"spoof-detect-fail-action", "description":"Configure action-list to take for failing the authentication", "optional":true }, "spoof-detect-fail-action":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"spoof-detect-fail-action-list-name", "description":"'drop': Drop packets (Default); 'blacklist-src': Blacklist-src for spoof-detect fail; ", "enum":[ "drop", "blacklist-src" ], "optional":true }, "token-authentication":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable Token Authentication", "optional":true }, "token-authentication-hw-assist-disable":{ "type":"number", "format":"flag", "plat-neg-list":["non-fpga,soft-ax", "soft-ax"], "default":0, "partition-visibility":"shared", "description":"token-authentication disable hardware assistance", "optional":true }, "token-authentication-salt-prefix":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"token-authentication salt-prefix", "optional":true }, "token-authentication-salt-prefix-curr":{ "type":"number", "format":"number", "minimum":1, "maximum":4294967295, "partition-visibility":"shared", "optional":true }, "token-authentication-salt-prefix-prev":{ "type":"number", "format":"number", "minimum":1, "maximum":4294967295, "partition-visibility":"shared", "optional":true }, "token-authentication-formula":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'md5_Salt-SrcIp-SrcPort-DstIp-DstPort': md5 of Salt-SrcIp-SrcPort-DstIp-DstPort; 'md5_Salt-DstIp-DstPort': md5 of Salt-DstIp-DstPort; 'md5_Salt-SrcIp-DstIp': md5 of Salt-SrcIp-DstIp; 'md5_Salt-SrcPort-DstPort': md5 of Salt-SrcPort-DstPort; 'md5_Salt-UintDstIp-DstPort': Using the uint value of IP for md5 of Salt-DstIp-DstPort; 'sha1_Salt-SrcIp-SrcPort-DstIp-DstPort': sha1 of Salt-SrcIp-SrcPort-DstIp-DstPort; 'sha1_Salt-DstIp-DstPort': sha1 of Salt-DstIp-DstPort; 'sha1_Salt-SrcIp-DstIp': sha1 of Salt-SrcIp-DstIp; 'sha1_Salt-SrcPort-DstPort': sha1 of Salt-SrcPort-DstPort; 'sha1_Salt-UintDstIp-DstPort': Using the uint value of IP for sha1 of Salt-DstIp-DstPort; ", "enum":[ "md5_Salt-SrcIp-SrcPort-DstIp-DstPort", "md5_Salt-DstIp-DstPort", "md5_Salt-SrcIp-DstIp", "md5_Salt-SrcPort-DstPort", "md5_Salt-UintDstIp-DstPort", "sha1_Salt-SrcIp-SrcPort-DstIp-DstPort", "sha1_Salt-DstIp-DstPort", "sha1_Salt-SrcIp-DstIp", "sha1_Salt-SrcPort-DstPort", "sha1_Salt-UintDstIp-DstPort" ], "optional":true }, "previous-salt-timeout":{ "type":"number", "format":"number", "minimum":1, "maximum":10080, "default":1, "partition-visibility":"shared", "description":"Token-Authentication previous salt-prefix timeout in minutes, default is 1 min", "optional":true }, "token-authentication-public-address":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"The server public IP address", "optional":true }, "public-ipv4-addr":{ "type":"string", "format":"ipv4-address", "partition-visibility":"shared", "description":"IP address", "optional":true }, "public-ipv6-addr":{ "type":"string", "format":"ipv6-address", "partition-visibility":"shared", "description":"IPV6 address", "optional":true }, "known-resp-src-port-cfg":{ "type":"object", "properties":{ "known-resp-src-port":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Take action if src-port is less than 1024" }, "known-resp-src-port-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/action-list", "not":"known-resp-src-port-action", "description":"Configure action-list to take for well-known src-port" }, "known-resp-src-port-action":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"known-resp-src-port-action-list-name", "description":"'drop': Drop packets from well-known src-port(Default); 'blacklist-src': Blacklist-src from well-known src-port; 'ignore': Ignore well-known src-port; ", "enum":[ "drop", "blacklist-src", "ignore" ] }, "exclude-src-resp-port":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Exclude src port equal to dst port" } } }, "ntp-monlist-cfg":{ "type":"object", "properties":{ "ntp-monlist":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Take action for ntp monlist request/response" }, "ntp-monlist-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/action-list", "not":"ntp-monlist-action", "description":"Configure action-list to take for ntp-monlist" }, "ntp-monlist-action":{ "type":"string", "format":"enum", "default":"drop", "partition-visibility":"shared", "not":"ntp-monlist-action-list-name", "description":"'drop': Drop packets for ntp-monlist (Default); 'blacklist-src': Blacklist-src for ntp-monlist; 'ignore': Ignore ntp-monlist; ", "enum":[ "drop", "blacklist-src", "ignore" ] } } }, "max-payload-size-cfg":{ "type":"object", "properties":{ "max-payload-size":{ "type":"number", "format":"number", "minimum":1, "maximum":1470, "partition-visibility":"shared", "description":"Maximum UDP payload size for each single packet" }, "max-payload-size-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":64, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/action-list", "not":"max-payload-size-action", "description":"Configure action-list to take for max-payload-size exceed" }, "max-payload-size-action":{ "type":"string", "format":"enum", "default":"drop", "partition-visibility":"shared", "not":"max-payload-size-action-list-name", "description":"'drop': Drop packets for max-payload-size exceed (Default); 'blacklist-src': Blacklist-src for max-payload-size exceed; 'ignore': Do nothing for max-payload-size exceed; ", "enum":[ "drop", "blacklist-src", "ignore" ] } } }, "min-payload-size-cfg":{ "type":"object", "properties":{ "min-payload-size":{ "type":"number", "format":"number", "minimum":1, "maximum":1470, "partition-visibility":"shared", "description":"Minimum UDP payload size for each single packet" }, "min-payload-size-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":64, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/action-list", "not":"min-payload-size-action", "description":"Configure action-list to take for min-payload-size exceed" }, "min-payload-size-action":{ "type":"string", "format":"enum", "default":"drop", "partition-visibility":"shared", "not":"min-payload-size-action-list-name", "description":"'drop': Drop packets for min-payload-size (Default); 'blacklist-src': Blacklist-src for min-payload-size; 'ignore': Do nothing for min-payload-size exceed; ", "enum":[ "drop", "blacklist-src", "ignore" ] } } }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "user-tag":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Customized tag", "optional":true }, "filter-list":{ "type":"array", "minItems":1, "items":{ "type":"filter" }, "uniqueItems":true, "$ref":"/axapi/v3/ddos/zone-template/udp/{name}/filter/{udp-filter-name}", "array":[ { "properties":{ "udp-filter-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "optional":false }, "udp-filter-seq":{ "type":"number", "format":"number", "minimum":1, "maximum":200, "partition-visibility":"shared", "description":"Sequence number", "optional":true }, "udp-filter-regex":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":1275, "partition-visibility":"shared", "description":"Regex Expression", "optional":true }, "udp-filter-inverse-match":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Inverse the result of the matching", "optional":true }, "byte-offset-filter":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":1275, "partition-visibility":"shared", "description":"Filter using Berkeley Packet Filter syntax", "optional":true }, "udp-filter-action-list-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "not":"udp-filter-action", "description":"Configure action-list to take", "optional":true }, "udp-filter-action":{ "type":"string", "format":"enum", "default":"drop", "partition-visibility":"shared", "not":"udp-filter-action-list-name", "description":"'drop': Drop packets (Default); 'ignore': Take no action; 'blacklist-src': Blacklist-src; 'authenticate-src': Authenticate-src; ", "enum":[ "drop", "ignore", "blacklist-src", "authenticate-src" ], "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "user-tag":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Customized tag", "optional":true } }, "required":[ "udp-filter-name" ] } ] } }, "object-keys":[ "name" ], "required":[ "name" ] }