.. _cgnv6_stateful_firewall: cgnv6 stateful-firewall ======================= Stateful Firewall Configuration stateful-firewall Specification ------------------------------- ===================================== ================================================================ **Parameter** **Value** ===================================== ================================================================ **Type** *Intermediate Resource* **Element Name** stateful-firewall **Element URI** /axapi/v3/cgnv6/stateful-firewall **Element Attributes** stateful-firewall_attributes **Partition Visibility** shared **Schema** :download:`stateful-firewall schema ` ===================================== ================================================================ **Operations Allowed:** .. raw:: html .. raw:: html .. raw:: html .. raw:: html
OperationMethodURIPayload
Get Object .. raw:: html GET .. raw:: html /axapi/v3/cgnv6/stateful-firewall .. raw:: html stateful-firewall_attributes .. raw:: html
.. _603_stateful-firewall_attributes: stateful-firewall attributes ---------------------------- **alg** **Description:** alg is a **JSON Block**. Please see below for :ref:`603_alg` **Type:** Object **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/alg ` **endpoint-independent-filtering** **Description:** endpoint-independent-filtering is a **JSON Block**. Please see below for :ref:`603_endpoint-independent-filtering` **Type:** Object **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/endpoint-independent-filtering ` **global** **Description:** global is a **JSON Block**. Please see below for :ref:`603_global` **Type:** Object **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/global ` **stun-timeout-list** **Type:** List **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/stun-timeout/{port}+{port-end} ` **tcp** **Description:** tcp is a **JSON Block**. Please see below for :ref:`603_tcp` **Type:** Object **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/tcp ` **udp** **Description:** udp is a **JSON Block**. Please see below for :ref:`603_udp` **Type:** Object **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/udp ` **vrid** **Description:** vrid is a **JSON Block**. Please see below for :ref:`603_vrid` **Type:** Object **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/vrid ` .. _603_udp: udp ^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **idle-timeout-list** **Type:** List **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/udp/idle-timeout/{port}+{port-end} ` **stun-timeout-list** **Type:** List **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/udp/stun-timeout/{port}+{port-end} ` .. _603_udp_stun-timeout-list: udp_stun-timeout-list ^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **port** **Description** Single Destination Port or Port Range Start **Type:** number **Range:** 1-65535 **port-end** **Description** Port Range End **Type:** number **Range:** 1-65535 **stun-timeout-val-port-range** **Description** STUN timeout (default: 2 minutes) **Type:** number **Range:** 0-60 **Default:** 2 **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _603_udp_idle-timeout-list: udp_idle-timeout-list ^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **fast** **Description** Fast aging for idle sessions **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** fast and idle-timeout-val-port-range are mutually exclusive **idle-timeout-val-port-range** **Description** Idle timeout for IPv4 and IPv6 TCP established sessions (Idle timeout for IPv4 and IPv6 TCP established sessions (default: 300 seconds)) **Type:** number **Range:** 60-15000 **Default:** 300 **Mutual Exclusion:** idle-timeout-val-port-range and fast are mutually exclusive **port** **Description** Single Destination Port or Port Range Start **Type:** number **Range:** 1-65535 **port-end** **Description** Port Range End **Type:** number **Range:** 1-65535 **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _603_vrid: vrid ^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters **vrid-value** **Description** Set VRRP-A vrid for stateful firewall (IPv4 and IPv6) **Type:** number **Range:** 1-31 .. _603_alg: alg ^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **ftp** **Description:** ftp is a **JSON Block**. Please see below for :ref:`603_alg_ftp` **Type:** Object **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/alg/ftp ` **pptp** **Description:** pptp is a **JSON Block**. Please see below for :ref:`603_alg_pptp` **Type:** Object **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/alg/pptp ` **rtp** **Description:** rtp is a **JSON Block**. Please see below for :ref:`603_alg_rtp` **Type:** Object **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/alg/rtp ` **rtsp** **Description:** rtsp is a **JSON Block**. Please see below for :ref:`603_alg_rtsp` **Type:** Object **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/alg/rtsp ` **sip** **Description:** sip is a **JSON Block**. Please see below for :ref:`603_alg_sip` **Type:** Object **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/alg/sip ` **tftp** **Description:** tftp is a **JSON Block**. Please see below for :ref:`603_alg_tftp` **Type:** Object **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/alg/tftp ` .. _603_alg_ftp: alg_ftp ^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **ftp-value** **Description** 'disable': Disable ALG; **Type:** string **Supported Values:** disable **sampling-enable** **Type:** List **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _603_alg_ftp_sampling-enable: alg_ftp_sampling-enable ^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **counters1** **Description** 'all': all; 'client-port-request': PORT Requests From Client; 'client-eprt-request': EPRT Requests From Client; 'server-pasv-reply': PASV Replies From Server; 'server-epsv-reply': EPSV Replies From Server; 'port-retransmits': PORT Retransmits; 'pasv-retransmits': PASV Retransmits; 'smp-app-type-mismatch': SMP App Type Mismatch; 'retransmit-sanity-check-failure': Retransmit Sanity Check Failure; 'smp-conn-alloc-failure': SMP Helper Conn Alloc Failure; 'port-helper-created': PORT Helper Created; 'pasv-helper-created': PASV Helper Created; 'port-helper-acquire-in-del-q': PORT Helper Acquire In Del Queue; 'port-helper-acquire-already-used': PORT Helper Acquire Already Used; 'pasv-helper-acquire-in-del-q': PASV Helper Acquire In Del Queue; 'pasv-helper-acquire-already-used': PASV Helper Acquire Already Used; 'port-helper-freed-used': PORT Helper Freed Used; 'port-helper-freed-unused': PORT Helper Freed Unused; 'pasv-helper-freed-used': PASV Helper Freed Used; 'pasv-helper-freed-unused': PASV Helper Freed Unused; **Type:** string **Supported Values:** all, client-port-request, client-eprt-request, server-pasv-reply, server-epsv-reply, port-retransmits, pasv-retransmits, smp-app-type-mismatch, retransmit-sanity-check-failure, smp-conn-alloc-failure, port-helper-created, pasv-helper-created, port-helper-acquire-in-del-q, port-helper-acquire-already-used, pasv-helper-acquire-in-del-q, pasv-helper-acquire-already-used, port-helper-freed-used, port-helper-freed-unused, pasv-helper-freed-used, pasv-helper-freed-unused .. _603_alg_sip: alg_sip ^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **sampling-enable** **Type:** List **sip-value** **Description** 'disable': Disable ALG; **Type:** string **Supported Values:** disable **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _603_alg_sip_sampling-enable: alg_sip_sampling-enable ^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **counters1** **Description** 'all': all; 'stat-request': Request Received; 'stat-response': Response Received; 'method-register': Method REGISTER; 'method-invite': Method INVITE; 'method-ack': Method ACK; 'method-cancel': Method CANCEL; 'method-bye': Method BYE; 'method-port-config': Method OPTIONS; 'method-prack': Method PRACK; 'method-subscribe': Method SUBSCRIBE; 'method-notify': Method NOTIFY; 'method-publish': Method PUBLISH; 'method-info': Method INFO; 'method-refer': Method REFER; 'method-message': Method MESSAGE; 'method-update': Method UPDATE; 'method-unknown': Method Unknown; 'parse-error': Message Parse Error; 'keep-alive': Keep Alive; 'contact-error': Contact Process Error; 'sdp-error': SDP Process Error; 'rtp-port-no-op': RTP Port No Op; 'rtp-rtcp-port-success': RTP RTCP Port Success; 'rtp-port-failure': RTP Port Failure; 'rtcp-port-failure': RTCP Port Failure; 'contact-port-no-op': Contact Port No Op; 'contact-port-success': Contact Port Success; 'contact-port-failure': Contact Port Failure; 'contact-new': Contact Alloc; 'contact-alloc-failure': Contact Alloc Failure; 'contact-eim': Contact EIM; 'contact-eim-set': Contact EIM Set; 'rtp-new': RTP Alloc; 'rtp-alloc-failure': RTP Alloc Failure; 'rtp-eim': RTP EIM; **Type:** string **Supported Values:** all, stat-request, stat-response, method-register, method-invite, method-ack, method-cancel, method-bye, method-port-config, method-prack, method-subscribe, method-notify, method-publish, method-info, method-refer, method-message, method-update, method-unknown, parse-error, keep-alive, contact-error, sdp-error, rtp-port-no-op, rtp-rtcp-port-success, rtp-port-failure, rtcp-port-failure, contact-port-no-op, contact-port-success, contact-port-failure, contact-new, contact-alloc-failure, contact-eim, contact-eim-set, rtp-new, rtp-alloc-failure, rtp-eim .. _603_alg_pptp: alg_pptp ^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **pptp-value** **Description** 'disable': Disable ALG; **Type:** string **Supported Values:** disable **sampling-enable** **Type:** List **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _603_alg_pptp_sampling-enable: alg_pptp_sampling-enable ^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **counters1** **Description** 'all': all; 'calls-established': Calls Established; 'call-req-pns-call-id-mismatch': Call ID Mismatch on Call Request; 'call-reply-pns-call-id-mismatch': Call ID Mismatch on Call Reply; 'gre-session-created': GRE Session Created; 'gre-session-freed': GRE Session Freed; 'call-req-retransmit': Call Request Retransmit; 'call-req-new': Call Request New; 'call-req-ext-alloc-failure': Call Request Ext Alloc Failure; 'call-reply-call-id-unknown': Call Reply Unknown Client Call ID; 'call-reply-retransmit': Call Reply Retransmit; 'call-reply-ext-ext-alloc-failure': Call Request Ext Alloc Failure; 'smp-app-type-mismatch': SMP App Type Mismatch; 'smp-client-call-id-mismatch': SMP Client Call ID Mismatch; 'smp-sessions-created': SMP Session Created; 'smp-sessions-freed': SMP Session Freed; 'smp-alloc-failure': SMP Session Alloc Failure; 'gre-conn-creation-failure': GRE Conn Alloc Failure; 'gre-conn-ext-creation-failure': GRE Conn Ext Alloc Failure; 'gre-no-fwd-route': GRE No Fwd Route; 'gre-no-rev-route': GRE No Rev Route; 'gre-no-control-conn': GRE No Control Conn; 'gre-conn-already-exists': GRE Conn Already Exists; 'gre-free-no-ext': GRE Free No Ext; 'gre-free-no-smp': GRE Free No SMP; 'gre-free-smp-app-type-mismatch': GRE Free SMP App Type Mismatch; 'control-freed': Control Session Freed; 'control-free-no-ext': Control Free No Ext; 'control-free-no-smp': Control Free No SMP; 'control-free-smp-app-type-mismatch': Control Free SMP App Type Mismatch; **Type:** string **Supported Values:** all, calls-established, call-req-pns-call-id-mismatch, call-reply-pns-call-id-mismatch, gre-session-created, gre-session-freed, call-req-retransmit, call-req-new, call-req-ext-alloc-failure, call-reply-call-id-unknown, call-reply-retransmit, call-reply-ext-ext-alloc-failure, smp-app-type-mismatch, smp-client-call-id-mismatch, smp-sessions-created, smp-sessions-freed, smp-alloc-failure, gre-conn-creation-failure, gre-conn-ext-creation-failure, gre-no-fwd-route, gre-no-rev-route, gre-no-control-conn, gre-conn-already-exists, gre-free-no-ext, gre-free-no-smp, gre-free-smp-app-type-mismatch, control-freed, control-free-no-ext, control-free-no-smp, control-free-smp-app-type-mismatch .. _603_alg_rtsp: alg_rtsp ^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **rtsp-value** **Description** 'disable': Disable ALG; **Type:** string **Supported Values:** disable **sampling-enable** **Type:** List **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _603_alg_rtsp_sampling-enable: alg_rtsp_sampling-enable ^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **counters1** **Description** 'all': all; 'transport-inserted': Transport Created; 'transport-freed': Transport Freed; 'transport-alloc-failure': Transport Alloc Failure; 'data-session-created': Data Session Created; 'data-session-freed': Data Session Freed; 'ext-creation-failure': Extension Creation Failure; 'transport-add-to-ext': Transport Added to Extension; 'transport-removed-from-ext': Transport Removed from Extension; 'transport-too-many': Too Many Transports for Control Conn; 'transport-already-in-ext': Transport Already in Extension; 'transport-exists': Transport Already Exists; 'transport-link-ext-failure-control': Transport Link to Extension Failure Control; 'transport-link-ext-data': Transport Link to Extension Data; 'transport-link-ext-failure-data': Transport Link to Extension Failure Data; 'transport-inserted-shadow': Transport Inserted Shadow; 'transport-creation-race': Transport Create Race; 'transport-alloc-failure-shadow': Transport Alloc Failure Shadow; 'transport-put-in-del-q': Transport Put in Delete Queue; 'transport-freed-shadow': Transport Freed Shadow; 'transport-acquired-from-control': Transport Acquired Control; 'transport-found-from-prev-control': Transport Found From Prev Control; 'transport-acquire-failure-from-control': Transport Acquire Failure Control; 'transport-released-from-control': Transport Released Control; 'transport-double-release-from-control': Transport Double Release Control; 'transport-acquired-from-data': Transport Acquired Data; 'transport-acquire-failure-from-data': Transport Acquire Failure Data; 'transport-released-from-data': Transport Released Data; 'transport-double-release-from-data': Transport Double Release Data; 'transport-retry-lookup-on-data-free': Transport Retry Lookup Data; 'transport-not-found-on-data-free': Transport Not Found Data; 'data-session-created-shadow': Data Session Created Shadow; 'data-session-freed-shadow': Data Session Freed Shadow; 'ha-control-ext-creation-failure': HA Control Extension Creation Failure; 'ha-control-session-created': HA Control Session Created; 'ha-data-session-created': HA Data Session Created; **Type:** string **Supported Values:** all, transport-inserted, transport-freed, transport-alloc-failure, data-session-created, data-session-freed, ext-creation-failure, transport-add-to-ext, transport-removed-from-ext, transport-too-many, transport-already-in-ext, transport-exists, transport-link-ext-failure-control, transport-link-ext-data, transport-link-ext-failure-data, transport-inserted-shadow, transport-creation-race, transport-alloc-failure-shadow, transport-put-in-del-q, transport-freed-shadow, transport-acquired-from-control, transport-found-from-prev-control, transport-acquire-failure-from-control, transport-released-from-control, transport-double-release-from-control, transport-acquired-from-data, transport-acquire-failure-from-data, transport-released-from-data, transport-double-release-from-data, transport-retry-lookup-on-data-free, transport-not-found-on-data-free, data-session-created-shadow, data-session-freed-shadow, ha-control-ext-creation-failure, ha-control-session-created, ha-data-session-created .. _603_alg_rtp: alg_rtp ^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **rtp-stun-timeout** **Description** RTP/RTCP STUN timeout (default: 5 minutes)} **Type:** number **Range:** 2-10 **Default:** 5 **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _603_alg_tftp: alg_tftp ^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **sampling-enable** **Type:** List **tftp-value** **Description** 'disable': Disable ALG; **Type:** string **Supported Values:** disable **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _603_alg_tftp_sampling-enable: alg_tftp_sampling-enable ^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **counters1** **Description** 'all': all; 'session-created': TFTP Client Sessions created; 'helper-created': TFTP Helper Sessions created; 'helper-freed': TFTP Helper Sessions freed; 'helper-freed-used': TFTP Helper Sessions freed used; 'helper-freed-unused': TFTP Helper Sessions freed unused; 'helper-already-used': TFTP Helper Session already used; 'helper-in-rml': TFTP Helper Session in Remove List; **Type:** string **Supported Values:** all, session-created, helper-created, helper-freed, helper-freed-used, helper-freed-unused, helper-already-used, helper-in-rml .. _603_global: global ^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **respond-to-user-mac** **Description** Use the user's source MAC for the next hop rather than the routing table (default: off) **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **sampling-enable** **Type:** List **stateful-firewall-value** **Description** 'enable': Enable stateful firewall; **Type:** string **Supported Values:** enable **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _603_global_sampling-enable: global_sampling-enable ^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **counters1** **Description** 'all': all; 'tcp_packet_process': TCP Packet Process; 'udp_packet_process': UDP Packet Process; 'other_packet_process': Other Packet Process; 'packet_inbound_deny': Inbound Packet Denied; 'packet_process_failure': Packet Error Drop; 'outbound_session_created': Outbound Session Created; 'outbound_session_freed': Outbound Session Freed; 'inbound_session_created': Inbound Session Created; 'inbound_session_freed': Inbound Session Freed; 'tcp_session_created': TCP Session Created; 'tcp_session_freed': TCP Session Freed; 'udp_session_created': UDP Session Created; 'udp_session_freed': UDP Session Freed; 'other_session_created': Other Session Created; 'other_session_freed': Other Session Freed; 'session_creation_failure': Session Creation Failure; 'no_fwd_route': No Forward Route; 'no_rev_route': No Reverse Route; 'packet_standby_drop': Standby Drop; 'tcp_fullcone_created': TCP Full-cone Created; 'tcp_fullcone_freed': TCP Full-cone Freed; 'udp_fullcone_created': UDP Full-cone Created; 'udp_fullcone_freed': UDP Full-cone Freed; 'fullcone_creation_failure': Full-Cone Creation Failure; 'eif_process': Endpnt-Independent Filter Matched; 'one_arm_drop': One-Arm Drop; 'no_class_list_match': No Class-List Match Drop; 'outbound_session_created_shadow': Outbound Session Created Shadow; 'outbound_session_freed_shadow': Outbound Session Freed Shadow; 'inbound_session_created_shadow': Inbound Session Created Shadow; 'inbound_session_freed_shadow': Inbound Session Freed Shadow; 'tcp_session_created_shadow': TCP Session Created Shadow; 'tcp_session_freed_shadow': TCP Session Freed Shadow; 'udp_session_created_shadow': UDP Session Created Shadow; 'udp_session_freed_shadow': UDP Session Freed Shadow; 'other_session_created_shadow': Other Session Created Shadow; 'other_session_freed_shadow': Other Session Freed Shadow; 'session_creation_failure_shadow': Session Creation Failure Shadow; 'bad_session_freed': Bad Session Proto on Free; 'ctl_mem_alloc': Memory Alloc; 'ctl_mem_free': Memory Free; 'tcp_fullcone_created_shadow': TCP Full-cone Created Shadow; 'tcp_fullcone_freed_shadow': TCP Full-cone Freed Shadow; 'udp_fullcone_created_shadow': UDP Full-cone Created Shadow; 'udp_fullcone_freed_shadow': UDP Full-cone Freed Shadow; 'fullcone_in_del_q': Full-cone Found in Delete Queue; 'fullcone_overflow_eim': EIM Overflow; 'fullcone_overflow_eif': EIF Overflow; 'fullcone_free_found': Full-cone Free Found From Conn; 'fullcone_free_retry_lookup': Full-cone Retry Look-up; 'fullcone_free_not_found': Full-cone Free Not Found; 'eif_limit_exceeded': EIF Limit Exceeded; 'eif_disable_drop': EIF Disable Drop; 'eif_process_failure': EIF Process Failure; 'eif_filtered': EIF Filtered; 'ha_standby_session_created': HA Standby Session Created; 'ha_standby_session_eim': HA Standby Session EIM; 'ha_standby_session_eif': HA Standby Session EIF; **Type:** string **Supported Values:** all, tcp_packet_process, udp_packet_process, other_packet_process, packet_inbound_deny, packet_process_failure, outbound_session_created, outbound_session_freed, inbound_session_created, inbound_session_freed, tcp_session_created, tcp_session_freed, udp_session_created, udp_session_freed, other_session_created, other_session_freed, session_creation_failure, no_fwd_route, no_rev_route, packet_standby_drop, tcp_fullcone_created, tcp_fullcone_freed, udp_fullcone_created, udp_fullcone_freed, fullcone_creation_failure, eif_process, one_arm_drop, no_class_list_match, outbound_session_created_shadow, outbound_session_freed_shadow, inbound_session_created_shadow, inbound_session_freed_shadow, tcp_session_created_shadow, tcp_session_freed_shadow, udp_session_created_shadow, udp_session_freed_shadow, other_session_created_shadow, other_session_freed_shadow, session_creation_failure_shadow, bad_session_freed, ctl_mem_alloc, ctl_mem_free, tcp_fullcone_created_shadow, tcp_fullcone_freed_shadow, udp_fullcone_created_shadow, udp_fullcone_freed_shadow, fullcone_in_del_q, fullcone_overflow_eim, fullcone_overflow_eif, fullcone_free_found, fullcone_free_retry_lookup, fullcone_free_not_found, eif_limit_exceeded, eif_disable_drop, eif_process_failure, eif_filtered, ha_standby_session_created, ha_standby_session_eim, ha_standby_session_eif .. _603_tcp: tcp ^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **idle-timeout-list** **Type:** List **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/tcp/idle-timeout/{port}+{port-end} ` **stun-timeout-list** **Type:** List **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/tcp/stun-timeout/{port}+{port-end} ` **syn-timeout** **Description:** syn-timeout is a **JSON Block**. Please see below for :ref:`603_tcp_syn-timeout` **Type:** Object **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/tcp/syn-timeout ` .. _603_tcp_stun-timeout-list: tcp_stun-timeout-list ^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **port** **Description** Single Destination Port or Port Range Start **Type:** number **Range:** 1-65535 **port-end** **Description** Port Range End **Type:** number **Range:** 1-65535 **stun-timeout-val-port-range** **Description** STUN timeout (default: 2minutes) **Type:** number **Range:** 0-60 **Default:** 2 **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _603_tcp_syn-timeout: tcp_syn-timeout ^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **syn-timeout-val** **Description** Set Seconds session can remain in half-open state before being deleted (default: 4 seconds) **Type:** number **Range:** 2-30 **Default:** 4 **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _603_tcp_idle-timeout-list: tcp_idle-timeout-list ^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **idle-timeout-val-port-range** **Description** Set Idle timeout for IPv4 and IPv6 TCP established sessions (Idle timeout for IPv4 and IPv6 TCP established sessions (default: 300 seconds)) **Type:** number **Range:** 60-15000 **Default:** 300 **port** **Description** Single Destination Port or Port Range Start **Type:** number **Range:** 1-65535 **port-end** **Description** Port Range End **Type:** number **Range:** 1-65535 **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _603_stun-timeout-list: stun-timeout-list ^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **port** **Description** Single Destination Port or Port Range Start **Type:** number **Range:** 1-65535 **port-end** **Description** Port Range End **Type:** number **Range:** 1-65535 **stun-timeout-val-port-range** **Description** STUN timeout (default: 2 minutes) **Type:** number **Range:** 0-60 **Default:** 2 **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _603_endpoint-independent-filtering: endpoint-independent-filtering ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **tcp** **Description:** tcp is a **JSON Block**. Please see below for :ref:`603_endpoint-independent-filtering_tcp` **Type:** Object **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/endpoint-independent-filtering/tcp ` **udp** **Description:** udp is a **JSON Block**. Please see below for :ref:`603_endpoint-independent-filtering_udp` **Type:** Object **Reference Object:** :doc:`/axapi/v3/cgnv6/stateful-firewall/endpoint-independent-filtering/udp ` .. _603_endpoint-independent-filtering_udp: endpoint-independent-filtering_udp ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **port-list** **Type:** List **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _603_endpoint-independent-filtering_udp_port-list: endpoint-independent-filtering_udp_port-list ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **port** **Description** Single Destination Port or Port Range Start **Type:** number **port-end** **Description** Port Range End **Type:** number .. _603_endpoint-independent-filtering_tcp: endpoint-independent-filtering_tcp ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **port-list** **Type:** List **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _603_endpoint-independent-filtering_tcp_port-list: endpoint-independent-filtering_tcp_port-list ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **port** **Description** Single Destination Port or Port Range Start **Type:** number **port-end** **Description** Port Range End **Type:** number