{ "id":"/axapi/v3/ddos/ip-filtering-policy/{name}", "type":"object", "node-type":"list", "title":"ip-filtering-policy", "partition-visibility":"shared", "description":"IP Filter Configuration", "properties":{ "name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"DDOS ip-filtering-policy name", "optional":false }, "default-action":{ "type":"string", "format":"enum", "default":"permit", "partition-visibility":"shared", "description":"'drop': Drop all the packets not meet any rule; 'permit': Forward all the packets not meet any rule (Default); ", "enum":[ "drop", "permit" ], "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "user-tag":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Customized tag", "optional":true }, "rule-list":{ "type":"array", "minItems":1, "items":{ "type":"rule" }, "uniqueItems":true, "$ref":"/axapi/v3/ddos/ip-filtering-policy/{name}/rule/{seq}", "array":[ { "properties":{ "seq":{ "type":"number", "format":"number", "minimum":1, "maximum":200, "partition-visibility":"shared", "description":"Sequence number", "optional":false }, "action":{ "type":"string", "format":"enum", "default":"drop", "partition-visibility":"shared", "description":"'drop': Drop the packet (default); 'permit': Let the packet skip all afterword address filters; 'blacklist': Blacklist with glid; 'bypass': Bypass all the ddos process; ", "enum":[ "drop", "permit", "blacklist", "bypass" ], "optional":true }, "glid":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/glid", "description":"Global limit ID", "optional":true }, "src-ip":{ "type":"string", "format":"ipv4-cidr", "partition-visibility":"shared", "not-list":[ "src-ipv6", "dst-ipv6" ], "description":"IPv4 Subnet address", "optional":true }, "src-ipv6":{ "type":"string", "format":"ipv6-address-plen", "partition-visibility":"shared", "not-list":[ "src-ip", "dst-ip" ], "description":"IPv6 Subnet address", "optional":true }, "dst-ip":{ "type":"string", "format":"ipv4-cidr", "partition-visibility":"shared", "not-list":[ "src-ipv6", "dst-ipv6" ], "description":"IPv4 Subnet address", "optional":true }, "dst-ipv6":{ "type":"string", "format":"ipv6-address-plen", "partition-visibility":"shared", "not-list":[ "src-ip", "dst-ip" ], "description":"IPv6 Subnet address", "optional":true }, "protocol":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'tcp': TCP; 'udp': UDP; 'icmp-v4': ICMP; 'icmp-v6': ICMPv6; 'number': Specify IP protocol number; ", "enum":[ "tcp", "udp", "icmp-v4", "icmp-v6", "number" ], "optional":true }, "proto-num":{ "type":"number", "format":"number", "minimum":0, "maximum":255, "partition-visibility":"shared", "description":"IP proto number", "optional":true }, "src-port":{ "type":"number", "format":"number", "minimum":1, "maximum":65535, "partition-visibility":"shared", "not":"src-port-start", "description":"Match only packets with the port number", "optional":true }, "src-port-start":{ "type":"number", "format":"number", "minimum":1, "maximum":65535, "partition-visibility":"shared", "not":"src-port", "description":"Match only packets in the range of port numbers (Starting Port Number)", "optional":true }, "src-port-end":{ "type":"number", "format":"number", "minimum":1, "maximum":65535, "partition-visibility":"shared", "description":"Ending Port Number", "optional":true }, "dst-port":{ "type":"number", "format":"number", "minimum":1, "maximum":65535, "partition-visibility":"shared", "not":"dst-port-start", "description":"Match only packets with the port number", "optional":true }, "dst-port-start":{ "type":"number", "format":"number", "minimum":1, "maximum":65535, "partition-visibility":"shared", "not":"dst-port", "description":"Match only packets in the range of port numbers (Starting Port Number)", "optional":true }, "dst-port-end":{ "type":"number", "format":"number", "minimum":1, "maximum":65535, "partition-visibility":"shared", "description":"Ending Port Number", "optional":true }, "tcp-flag":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'match-all': not = 0 match = 1; 'none-of': not = 1 match = 0; 'match-any': not = 0 match = 0; ", "enum":[ "match-all", "none-of", "match-any" ], "optional":true }, "tcp-flags-bitmask":{ "type":"string", "format":"time", "minLength":1, "maxLength":255, "partition-visibility":"shared", "description":"Bitmask in Hex", "optional":true }, "icmp-type":{ "type":"number", "format":"number", "minimum":0, "maximum":255, "partition-visibility":"shared", "description":"ICMP message type", "optional":true }, "icmp-code":{ "type":"number", "format":"number", "minimum":0, "maximum":255, "partition-visibility":"shared", "description":"ICMP code", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "user-tag":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Customized tag", "optional":true } }, "required":[ "seq" ] } ] } }, "object-keys":[ "name" ], "required":[ "name" ] }