{
    "id":"/axapi/v3/fw/ddos-protection",
    "type":"object",
    "node-type":"scalar",
    "title":"ddos-protection",
    "operation-not-allowed": ["PUT"],
    "partition-visibility":"shared",
    "auto-created-object":1,
    "description":"Configure FW DDoS Protection",
    "properties":{
        "dynamic-blacklist":{
            "type":"object",
            "properties":{
                "dynamic-blacklist-action":{
                    "type":"string",
                    "format":"enum",
                    "default":"disable",
                    "partition-visibility":"shared",
                    "description":"'enable': Enable protection against volumetric attacks using dynamic blacklist; 'disable': Disable protection against volumetric attacks using dynamic blacklist; ",
                    "enum":[
                        "enable",
                        "disable"
                    ]
                },
                "dir":{
                    "type":"string",
                    "format":"enum",
                    "default":"both",
                    "partition-visibility":"shared",
                    "description":"'inbound': enable in inbound direction; 'outbound': enable in outbound direction; 'both': enable in both directions; ",
                    "enum":[
                        "inbound",
                        "outbound",
                        "both"
                    ]
                },
                "timeout":{
                    "type":"number",
                    "format":"number",
                    "minimum":1,
                    "maximum":30,
                    "default":5,
                    "partition-visibility":"shared",
                    "description":"Timeout value (in seconds) for dynamic blacklist (Timeout value (in seconds) for dynamic blacklist(default is 5 seconds))"
                },
                "cpu-threshold":{
                    "type":"number",
                    "format":"number",
                    "minimum":0,
                    "maximum":80,
                    "default":60,
                    "partition-visibility":"shared",
                    "description":"Core-level CPU usage threshold for dynamic blacklist creation (Core-level CPU usage threshold for dynamic blacklist creation (default is 60))"
                }
            }
        },
        "logging":{
            "type":"object",
            "properties":{
                "logging-action":{
                    "type":"string",
                    "format":"enum",
                    "default":"enable",
                    "partition-visibility":"shared",
                    "description":"'enable': enable FW DDoS protection logging; 'disable': Disable both local & remote FW DDoS protection logging; ",
                    "enum":[
                        "enable",
                        "disable"
                    ]
                },
                "enable-action":{
                    "type":"string",
                    "format":"enum",
                    "default":"local",
                    "partition-visibility":"shared",
                    "description":"'local': Enable local logs only; 'remote': Enable logging to remote server & IPFIX; 'both': Enable both local & remote logs; ",
                    "enum":[
                        "local",
                        "remote",
                        "both"
                    ]
                }
            }
        },
        "action":{
            "type":"object",
            "properties":{
                "action-type":{
                    "type":"string",
                    "format":"enum",
                    "default":"drop",
                    "partition-visibility":"shared",
                    "description":"'drop': Log, and drop all packets (default); 'redistribute-route': Log, Drop, and Notify upstream router to reroute the packets; ",
                    "enum":[
                        "drop",
                        "redistribute-route"
                    ]
                },
                "route-map":{
                    "type":"string",
                    "format":"string",
                    "minLength":1,
                    "maxLength":128,
                    "partition-visibility":"shared",
                    "description":"Route map name"
                },
                "expiration":{
                    "type":"number",
                    "format":"number",
                    "minimum":2,
                    "maximum":144000,
                    "default":5,
                    "partition-visibility":"shared",
                    "description":"To specify time in minutes to revert the action (Expiration time, in minutes (default is 5 mins))"
                },
                "expiration-route":{
                    "type":"number",
                    "format":"number",
                    "minimum":2,
                    "maximum":144000,
                    "default":60,
                    "partition-visibility":"shared",
                    "description":"To specify time in minutes to revert the action (Expiration time, in minutes (default is 60 mins))"
                },
                "timer-multiply-max":{
                    "type":"number",
                    "format":"number",
                    "minimum":1,
                    "maximum":100,
                    "default":6,
                    "partition-visibility":"shared",
                    "description":"To specify max value of timer multiplier for attacks lasted long time (Max value of timer multiplier (default is 6))"
                },
                "remove-wait-timer":{
                    "type":"number",
                    "format":"number",
                    "minimum":0,
                    "maximum":300,
                    "default":300,
                    "partition-visibility":"shared",
                    "description":"Max time to wait before removing IP from blackhole (Max value in seconds (default 300))"
                }
            }
        },
        "uuid":{
            "type":"string",
            "format":"string",
            "minLength":1,
            "maxLength":64,
            "partition-visibility":"shared",
            "modify-not-allowed":1,
            "description":"uuid of the object",
            "optional":true
        },
        "sampling-enable":{
            "type":"array",
            "minItems":1,
            "items":{
                "type":"object"
            },
            "uniqueItems":true,
            "array":[
                {
                    "properties":{
                        "counters1":{
                            "type":"string",
                            "format":"enum",
                            "partition-visibility":"shared",
                            "description":"'all': all; 'ddos_entries_too_many': Too many DDOS entries; 'ddos_entry_added': DDOS entry added; 'ddos_entry_removed': DDOS entry removed; 'ddos_entry_added_to_bgp': DDoS Entry added to BGP; 'ddos_entry_removed_from_bgp': DDoS Entry Removed from BGP; 'ddos_entry_add_to_bgp_failure': DDoS Entry BGP add failures; 'ddos_entry_remove_from_bgp_failure': DDOS entry BGP remove failures; 'ddos_packet_dropped': DDOS Packet Drop; ",
                            "enum":[
                                "all",
                                "ddos_entries_too_many",
                                "ddos_entry_added",
                                "ddos_entry_removed",
                                "ddos_entry_added_to_bgp",
                                "ddos_entry_removed_from_bgp",
                                "ddos_entry_add_to_bgp_failure",
                                "ddos_entry_remove_from_bgp_failure",
                                "ddos_packet_dropped"
                            ]
                        }
                    }
                }
            ]
        }
    }
}