{ "id":"/axapi/v3/ddos/dst/zone/{zone-name}/port-range/{port-range-start}+{port-range-end}+{protocol}/level/{level-num}", "type":"object", "node-type":"list", "title":"level", "partition-visibility":"shared", "description":"Policy Level Configuration", "properties":{ "level-num":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'0': Default policy level; '1': Policy level 1; '2': Policy level 2; '3': Policy level 3; '4': Policy level 4; ", "enum":[ "0", "1", "2", "3", "4" ], "optional":false }, "src-default-glid":{ "type":"string", "format":"string-rlx", "plat-neg-list":["softax-ddet"], "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/glid", "description":"Global limit ID", "optional":true }, "glid-action":{ "type":"string", "format":"enum", "plat-neg-list":["softax-ddet"], "partition-visibility":"shared", "description":"'drop': Drop packets for glid exceed (Default); 'blacklist-src': Blacklist-src for glid exceed; 'ignore': Do nothing for glid exceed; ", "enum":[ "drop", "blacklist-src", "ignore" ], "optional":true }, "zone-escalation-score":{ "type":"number", "format":"number", "minimum":1, "maximum":1000000, "partition-visibility":"shared", "description":"Zone activation score of this level", "optional":true }, "zone-violation-actions":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/violation-actions", "description":"Violation actions apply due to zone escalate from this level", "optional":true }, "src-escalation-score":{ "type":"number", "format":"number", "minimum":1, "maximum":1000000, "partition-visibility":"shared", "description":"Source activation score of this level", "optional":true }, "src-violation-actions":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/violation-actions", "description":"Violation actions apply due to source escalate from this level", "optional":true }, "zone-template":{ "type":"object", "properties":{ "quic":{ "type":"string", "format":"string-rlx", "plat-neg-list":["softax-ddet"], "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"DDOS quic template" }, "dns":{ "type":"string", "format":"string-rlx", "plat-neg-list":["softax-ddet"], "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"DDOS dns template" }, "http":{ "type":"string", "format":"string-rlx", "plat-neg-list":["softax-ddet"], "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"DDOS http template" }, "ssl-l4":{ "type":"string", "format":"string-rlx", "plat-neg-list":["softax-ddet"], "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"DDOS ssl-l4 template" }, "sip":{ "type":"string", "format":"string-rlx", "plat-neg-list":["softax-ddet"], "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"DDOS sip template" }, "tcp":{ "type":"string", "format":"string-rlx", "plat-neg-list":["softax-ddet"], "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"DDOS tcp template" }, "udp":{ "type":"string", "format":"string-rlx", "plat-neg-list":["softax-ddet"], "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"DDOS udp template" }, "encap":{ "type":"string", "format":"string-rlx", "plat-neg-list":["softax-ddet"], "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"DDOS encap template (IPv6-over-IPv4 / IPv4-over-IPv6 are not supported.)" } } }, "close-sessions-for-unauth-sources":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Close session for unauthenticated sources", "optional":true }, "start-pattern-recognition":{ "type":"number", "format":"flag", "plat-neg-list":["softax-ddet"], "default":0, "partition-visibility":"shared", "description":"Start pattern recognition from this level", "optional":true }, "apply-extracted-filters":{ "type":"number", "format":"flag", "plat-neg-list":["softax-ddet"], "default":0, "partition-visibility":"shared", "description":"Apply extracted filters from this level", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "user-tag":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Customized tag", "optional":true }, "indicator-list":{ "type":"array", "minItems":1, "items":{ "type":"indicator" }, "uniqueItems":true, "$ref":"/axapi/v3/ddos/dst/zone/{zone-name}/port-range/{port-range-start}+{port-range-end}+{protocol}/level/{level-num}/indicator/{type}", "array":[ { "properties":{ "type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'pkt-rate': rate of incoming packets; 'pkt-drop-rate': rate of packets got dropped; 'bit-rate': rate of incoming bits; 'pkt-drop-ratio': ratio of incoming packet rate divided by the rate of dropping packets; 'bytes-to-bytes-from-ratio': ratio of incoming packet rate divided by the rate of outgoing packets; 'concurrent-conns': number of concurrent connections; 'conn-miss-rate': rate of incoming packets for which no previously established connection exists; 'syn-rate': rate on incoming SYN packets; 'fin-rate': rate on incoming FIN packets; 'rst-rate': rate of incoming RST packets; 'small-window-ack-rate': rate of small window advertisement; 'empty-ack-rate': rate of incoming packets which have no payload; 'small-payload-rate': rate of short payload packet; 'syn-fin-ratio': ratio of incoming SYN packet rate divided by the rate of incoming FIN packets; 'cpu-utilization': average data CPU utilization; 'interface-utilization': outside interface utilization; ", "enum":[ "pkt-rate", "pkt-drop-rate", "bit-rate", "pkt-drop-ratio", "bytes-to-bytes-from-ratio", "concurrent-conns", "conn-miss-rate", "syn-rate", "fin-rate", "rst-rate", "small-window-ack-rate", "empty-ack-rate", "small-payload-rate", "syn-fin-ratio", "cpu-utilization", "interface-utilization" ], "optional":false }, "tcp-window-size":{ "type":"number", "format":"number", "minimum":1, "maximum":500, "partition-visibility":"shared", "description":"Expected minimal window size", "optional":true }, "data-packet-size":{ "type":"number", "format":"number", "minimum":1, "maximum":1500, "partition-visibility":"shared", "description":"Expected minimal data size", "optional":true }, "score":{ "type":"number", "format":"number", "minimum":1, "maximum":1000000, "partition-visibility":"shared", "description":"Score corresponding to the indicator", "optional":true }, "src-threshold-num":{ "type":"number", "format":"number", "minimum":1, "maximum":2147483647, "partition-visibility":"shared", "description":"Indicator per-src threshold", "optional":true }, "src-threshold-large-num":{ "type":"number", "format":"number", "minimum":1, "maximum":10995116277760, "partition-visibility":"shared", "description":"Indicator per-src threshold", "optional":true }, "src-threshold-str":{ "type":"string", "format":"string", "minLength":1, "maxLength":128, "partition-visibility":"shared", "description":"Indicator per-src threshold (Non-zero floating point)", "optional":true }, "src-violation-actions":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/violation-actions", "description":"Violation actions to use when this src indicator threshold reaches", "optional":true }, "zone-threshold-num":{ "type":"number", "format":"number", "minimum":1, "maximum":2147483647, "partition-visibility":"shared", "description":"Threshold for the entire zone", "optional":true }, "zone-threshold-large-num":{ "type":"number", "format":"number", "minimum":1, "maximum":10995116277760, "partition-visibility":"shared", "description":"Threshold for the entire zone", "optional":true }, "zone-threshold-str":{ "type":"string", "format":"string", "minLength":1, "maxLength":128, "partition-visibility":"shared", "description":"Threshold for the entire zone (Non-zero floating point)", "optional":true }, "zone-violation-actions":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/ddos/violation-actions", "description":"Violation actions to use when this zone indicator threshold reaches", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "user-tag":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Customized tag", "optional":true } }, "required":[ "type" ] } ] } }, "object-keys":[ "level-num" ], "required":[ "level-num" ] }