.. _ddos_dst_zone_detection: ddos dst zone detection ======================= DDOS Detection detection Specification ----------------------- ===================================== ============================================================================ **Parameter** **Value** ===================================== ============================================================================ **Type** *Configuration Resource* **Element Name** detection **Element URI** /axapi/v3/ddos/dst/zone/{zone-name}/detection **Element Attributes** detection_attributes **Partition Visibility** shared **Schema** :download:`detection schema ` ===================================== ============================================================================ **Operations Allowed:** .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html
OperationMethodURIPayload
Create Object .. raw:: html POST .. raw:: html /axapi/v3/ddos/dst/zone/{zone-name}/detection .. raw:: html :ref:`846_detection_attributes` .. raw:: html
Get Object .. raw:: html GET .. raw:: html /axapi/v3/ddos/dst/zone/{zone-name}/detection .. raw:: html :ref:`846_detection_attributes` .. raw:: html
Modify Object .. raw:: html POST .. raw:: html /axapi/v3/ddos/dst/zone/{zone-name}/detection .. raw:: html :ref:`846_detection_attributes` .. raw:: html
Replace Object .. raw:: html PUT .. raw:: html /axapi/v3/ddos/dst/zone/{zone-name}/detection .. raw:: html :ref:`846_detection_attributes` .. raw:: html
Delete Object .. raw:: html DELETE .. raw:: html /axapi/v3/ddos/dst/zone/{zone-name}/detection .. raw:: html :ref:`846_detection_attributes` .. raw:: html
.. _846_detection_attributes: detection attributes -------------------- **notification** **Description:** notification is a **JSON Block**. Please see below for :ref:`846_notification` **Type:** Object **Reference Object:** :doc:`/axapi/v3/ddos/dst/zone/{zone-name}/detection/notification ` **outbound-detection** **Description:** outbound-detection is a **JSON Block**. Please see below for :ref:`846_outbound-detection` **Type:** Object **Reference Object:** :doc:`/axapi/v3/ddos/dst/zone/{zone-name}/detection/outbound-detection ` **packet-anomaly-detection** **Description:** packet-anomaly-detection is a **JSON Block**. Please see below for :ref:`846_packet-anomaly-detection` **Type:** Object **Reference Object:** :doc:`/axapi/v3/ddos/dst/zone/{zone-name}/detection/packet-anomaly-detection ` **service-discovery** **Description:** service-discovery is a **JSON Block**. Please see below for :ref:`846_service-discovery` **Type:** Object **Reference Object:** :doc:`/axapi/v3/ddos/dst/zone/{zone-name}/detection/service-discovery ` **settings** **Description** 'settings': settings; **Type:** string **Supported Values:** settings **toggle** **Description** 'enable': Enable detection; 'disable': Disable detection; **Type:** string **Supported Values:** enable, disable **Default:** enable **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters **victim-ip-detection** **Description:** victim-ip-detection is a **JSON Block**. Please see below for :ref:`846_victim-ip-detection` **Type:** Object **Reference Object:** :doc:`/axapi/v3/ddos/dst/zone/{zone-name}/detection/victim-ip-detection ` .. _846_packet-anomaly-detection: packet-anomaly-detection ^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **configuration** **Description** 'configuration': configuration; **Type:** string **Supported Values:** configuration **indicator-list** **Type:** List **Reference Object:** :doc:`/axapi/v3/ddos/dst/zone/{zone-name}/detection/packet-anomaly-detection/indicator/{type} ` **toggle** **Description** 'enable': Enable packet anomaly; 'disable': Disable packet anomaly; **Type:** string **Supported Values:** enable, disable **Default:** enable **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _846_packet-anomaly-detection_indicator-list: packet-anomaly-detection_indicator-list ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **threshold-num** **Description** Threshold for each indicator **Type:** number **Range:** 1-65535 **Default:** 100 **type** **Description** 'port-zero-pkt-rate': Port Zero Packet Rate (default 100 packet per second); **Type:** string **Supported Values:** port-zero-pkt-rate **user-tag** **Description** Customized tag **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _846_victim-ip-detection: victim-ip-detection ^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **configuration** **Description** 'configuration': configuration; **Type:** string **Supported Values:** configuration **histogram-toggle** **Description** 'histogram-enable': Enable histogram statistics of victim IP detection; 'histogram-disable': Disable histogram statistics of victim IP detection; **Type:** string **Supported Values:** histogram-enable, histogram-disable **Default:** histogram-disable **indicator-list** **Type:** List **Reference Object:** :doc:`/axapi/v3/ddos/dst/zone/{zone-name}/detection/victim-ip-detection/indicator/{type} ` **toggle** **Description** 'enable': Enable victim IP detection; 'disable': Disable victim IP detection; **Type:** string **Supported Values:** enable, disable **Default:** disable **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _846_victim-ip-detection_indicator-list: victim-ip-detection_indicator-list ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **ip-threshold-num** **Description** Threshold for IP **Type:** number **Range:** 1-2147483647 **type** **Description** 'pkt-rate': rate of incoming packets; 'reverse-pkt-rate': rate of reverse coming packets; 'fwd-byte-rate': rate of incoming bytes; 'rev-byte-rate': rate of reverse coming bytes; **Type:** string **Supported Values:** pkt-rate, reverse-pkt-rate, fwd-byte-rate, rev-byte-rate **user-tag** **Description** Customized tag **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _846_notification: notification ^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **configuration** **Description** 'configuration': configuration; **Type:** string **Supported Values:** configuration **notification** **Type:** List **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _846_notification_notification: notification_notification ^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **notification-template-name** **Description** Specify the notification template name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Reference Object:** :doc:`/axapi/v3/ddos/notification-template ` .. _846_service-discovery: service-discovery ^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **configuration** **Description** 'configuration': configuration; **Type:** string **Supported Values:** configuration **pkt-rate-threshold** **Description** packet rate threshold for discovery (default 10 packets per second) **Type:** number **Range:** 1-255 **Default:** 10 **toggle** **Description** 'enable': Enable service discovery; 'disable': Disable service discovery; **Type:** string **Supported Values:** enable, disable **Default:** disable **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _846_outbound-detection: outbound-detection ^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **configuration** **Description** 'configuration': configuration; **Type:** string **Supported Values:** configuration **discovery-method** **Description** 'asn': Autonomous Systems number; 'country': Country; **Type:** string **Supported Values:** asn, country **discovery-record** **Description** Maximum number of top locations **Type:** number **Range:** 1-100 **Default:** 10 **enable-top-k** **Type:** List **indicator-list** **Type:** List **Reference Object:** :doc:`/axapi/v3/ddos/dst/zone/{zone-name}/detection/outbound-detection/indicator/{type} ` **toggle** **Description** 'enable': Enable outbound detection; 'disable': Disable outbound detection; **Type:** string **Supported Values:** enable, disable **Default:** disable **topk-source-subnet** **Description:** topk-source-subnet is a **JSON Block**. Please see below for :ref:`846_outbound-detection_topk-source-subnet` **Type:** Object **Reference Object:** :doc:`/axapi/v3/ddos/dst/zone/{zone-name}/detection/outbound-detection/topk-source-subnet ` **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _846_outbound-detection_topk-source-subnet: outbound-detection_topk-source-subnet ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _846_outbound-detection_enable-top-k: outbound-detection_enable-top-k ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **topk-netmask** **Description** Subnet mask. The value should be less than or equal to the minimum zone subnet mask + 8 (IPv6 Subnet mask) **Type:** number **Range:** 1-128 **Default:** 128 **topk-num-records** **Description** Maximum number of records to show in topk **Type:** number **Range:** 1-100 **Default:** 20 **topk-type** **Description** 'source-subnet': Topk source subnet; **Type:** string **Supported Values:** source-subnet .. _846_outbound-detection_indicator-list: outbound-detection_indicator-list ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **data-packet-size** **Description** Expected minimal data size **Type:** number **Range:** 1-1500 **tcp-window-size** **Description** Expected minimal window size **Type:** number **Range:** 1-500 **threshold-large-num** **Description** Threshold for each geo-location **Type:** number **Range:** 1-10995116277760 **threshold-num** **Description** Threshold for each geo-location **Type:** number **Range:** 1-2147483647 **threshold-str** **Description** Threshold for each geo-location (Non-zero floating point) **Type:** string **Maximum Length:** 128 characters **Maximum Length:** 1 characters **type** **Description** 'pkt-rate': rate of incoming packets; 'pkt-drop-rate': rate of packets got dropped; 'bit-rate': rate of incoming bits; 'pkt-drop-ratio': ratio of incoming packet rate divided by the rate of dropping packets; 'bytes-to-bytes-from-ratio': ratio of incoming packet rate divided by the rate of outgoing packets; 'syn-rate': rate on incoming SYN packets; 'fin-rate': rate on incoming FIN packets; 'rst-rate': rate of incoming RST packets; 'small-window-ack-rate': rate of small window advertisement; 'empty-ack-rate': rate of incoming packets which have no payload; 'small-payload-rate': rate of short payload packet; 'syn-fin-ratio': ratio of incoming SYN packet rate divided by the rate of incoming FIN packets; **Type:** string **Supported Values:** pkt-rate, pkt-drop-rate, bit-rate, pkt-drop-ratio, bytes-to-bytes-from-ratio, syn-rate, fin-rate, rst-rate, small-window-ack-rate, empty-ack-rate, small-payload-rate, syn-fin-ratio **user-tag** **Description** Customized tag **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters