.. _ddos_zone_template_udp: ddos zone-template udp ====================== UDP template configuration udp Specification ----------------- ===================================== ====================================================================== **Parameter** **Value** ===================================== ====================================================================== **Type** *Collection* **Object Key(s)** *name* **Collection Name** :ref:`1276_udp_list` **Collection URI** /axapi/v3/ddos/zone-template/udp **Element Name** udp **Element URI** /axapi/v3/ddos/zone-template/udp/{name} **Element Attributes** udp_attributes **Partition Visibility** shared **Schema** :download:`udp schema ` ===================================== ====================================================================== **Operations Allowed:** .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html
OperationMethodURIPayload
Create Object .. raw:: html POST .. raw:: html /axapi/v3/ddos/zone-template/udp .. raw:: html :ref:`1276_udp_attributes` .. raw:: html
Create List .. raw:: html POST .. raw:: html /axapi/v3/ddos/zone-template/udp .. raw:: html :ref:`1276_udp_attributes` .. raw:: html
Get Object .. raw:: html GET .. raw:: html /axapi/v3/ddos/zone-template/udp/{name} .. raw:: html :ref:`1276_udp_attributes` .. raw:: html
Get List .. raw:: html GET .. raw:: html /axapi/v3/ddos/zone-template/udp .. raw:: html :ref:`1276_udp_list` .. raw:: html
Modify Object .. raw:: html POST .. raw:: html /axapi/v3/ddos/zone-template/udp/{name} .. raw:: html :ref:`1276_udp_attributes` .. raw:: html
Replace Object .. raw:: html PUT .. raw:: html /axapi/v3/ddos/zone-template/udp/{name} .. raw:: html :ref:`1276_udp_attributes` .. raw:: html
Replace List .. raw:: html PUT .. raw:: html /axapi/v3/ddos/zone-template/udp .. raw:: html :ref:`1276_udp_list` .. raw:: html
Delete Object .. raw:: html DELETE .. raw:: html /axapi/v3/ddos/zone-template/udp/{name} .. raw:: html :ref:`1276_udp_attributes` .. raw:: html
.. _1276_udp_list: udp-list -------- udp-list is **JSON List** of :ref:`1276_udp_attributes` udp-list : [ { :ref:`1276_udp_attributes` }, { :ref:`1276_udp_attributes` }, ... ] .. _1276_udp_attributes: udp attributes -------------- **age** **Description** Configure session age(in minutes) for UDP sessions **Type:** number **Range:** 1-63 **Default:** 2 **filter-list** **Type:** List **Reference Object:** :doc:`/axapi/v3/ddos/zone-template/udp/{name}/filter/{udp-filter-name} ` **filter-match-type** **Description** 'default': Stop matching on drop/blacklist action; 'stop-on-first-match': Stop matching on first match; **Type:** string **Supported Values:** default, stop-on-first-match **Default:** default **known-resp-src-port-cfg** **Description:** known-resp-src-port-cfg is a **JSON Block**. Please see below for :ref:`1276_known-resp-src-port-cfg` **Type:** Object **max-payload-size-cfg** **Description:** max-payload-size-cfg is a **JSON Block**. Please see below for :ref:`1276_max-payload-size-cfg` **Type:** Object **min-payload-size-cfg** **Description:** min-payload-size-cfg is a **JSON Block**. Please see below for :ref:`1276_min-payload-size-cfg` **Type:** Object **name** **Description** DDOS UDP Template Name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **ntp-monlist-cfg** **Description:** ntp-monlist-cfg is a **JSON Block**. Please see below for :ref:`1276_ntp-monlist-cfg` **Type:** Object **per-conn-pkt-rate-cfg** **Description:** per-conn-pkt-rate-cfg is a **JSON Block**. Please see below for :ref:`1276_per-conn-pkt-rate-cfg` **Type:** Object **per-conn-rate-interval** **Description** '100ms': 100ms; '1sec': 1sec; **Type:** string **Supported Values:** 100ms, 1sec **Default:** 1sec **previous-salt-timeout** **Description** Token-Authentication previous salt-prefix timeout in minutes, default is 1 min **Type:** number **Range:** 1-10080 **Default:** 1 **public-ipv4-addr** **Description** IP address **Type:** string **Format:** ipv4-address **public-ipv6-addr** **Description** IPV6 address **Type:** string **Format:** ipv6-address **spoof-detect-fail-action** **Description** 'drop': Drop packets (Default); 'blacklist-src': Blacklist-src for spoof-detect fail; **Type:** string **Supported Values:** drop, blacklist-src **Mutual Exclusion:** spoof-detect-fail-action and spoof-detect-fail-action-list-name are mutually exclusive **spoof-detect-fail-action-list-name** **Description** Configure action-list to take for failing the authentication **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** spoof-detect-fail-action-list-name and spoof-detect-fail-action are mutually exclusive **spoof-detect-min-delay** **Description** Optional minimum delay between UDP retransmits for authentication to pass, unit is specified by min-delay-interval **Type:** number **Range:** 1-80 **spoof-detect-min-delay-interval** **Description** '100ms': 100ms; '1sec': 1sec; **Type:** string **Supported Values:** 100ms, 1sec **Default:** 1sec **spoof-detect-pass-action** **Description** 'authenticate-src': authenticate-src (Default); **Type:** string **Supported Values:** authenticate-src **Mutual Exclusion:** spoof-detect-pass-action and spoof-detect-pass-action-list-name are mutually exclusive **spoof-detect-pass-action-list-name** **Description** Configure action-list to take for passing the authentication **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** spoof-detect-pass-action-list-name and spoof-detect-pass-action are mutually exclusive **spoof-detect-retry-timeout** **Description** Timeout in seconds **Type:** number **Range:** 1-31 **token-authentication** **Description** Enable Token Authentication **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **token-authentication-formula** **Description** 'md5_Salt-SrcIp-SrcPort-DstIp-DstPort': md5 of Salt-SrcIp-SrcPort-DstIp-DstPort; 'md5_Salt-DstIp-DstPort': md5 of Salt-DstIp-DstPort; 'md5_Salt-SrcIp-DstIp': md5 of Salt-SrcIp-DstIp; 'md5_Salt-SrcPort-DstPort': md5 of Salt-SrcPort-DstPort; 'md5_Salt-UintDstIp-DstPort': Using the uint value of IP for md5 of Salt-DstIp-DstPort; 'sha1_Salt-SrcIp-SrcPort-DstIp-DstPort': sha1 of Salt-SrcIp-SrcPort-DstIp-DstPort; 'sha1_Salt-DstIp-DstPort': sha1 of Salt-DstIp-DstPort; 'sha1_Salt-SrcIp-DstIp': sha1 of Salt-SrcIp-DstIp; 'sha1_Salt-SrcPort-DstPort': sha1 of Salt-SrcPort-DstPort; 'sha1_Salt-UintDstIp-DstPort': Using the uint value of IP for sha1 of Salt-DstIp-DstPort; **Type:** string **Supported Values:** md5_Salt-SrcIp-SrcPort-DstIp-DstPort, md5_Salt-DstIp-DstPort, md5_Salt-SrcIp-DstIp, md5_Salt-SrcPort-DstPort, md5_Salt-UintDstIp-DstPort, sha1_Salt-SrcIp-SrcPort-DstIp-DstPort, sha1_Salt-DstIp-DstPort, sha1_Salt-SrcIp-DstIp, sha1_Salt-SrcPort-DstPort, sha1_Salt-UintDstIp-DstPort **token-authentication-hw-assist-disable** **Description** token-authentication disable hardware assistance **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **token-authentication-public-address** **Description** The server public IP address **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **token-authentication-salt-prefix** **Description** token-authentication salt-prefix **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **token-authentication-salt-prefix-curr** **Description** **Type:** number **Range:** 1-4294967295 **token-authentication-salt-prefix-prev** **Description** **Type:** number **Range:** 1-4294967295 **user-tag** **Description** Customized tag **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _1276_ntp-monlist-cfg: ntp-monlist-cfg ^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **ntp-monlist** **Description** Take action for ntp monlist request/response **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **ntp-monlist-action** **Description** 'drop': Drop packets for ntp-monlist (Default); 'blacklist-src': Blacklist-src for ntp-monlist; 'ignore': Ignore ntp-monlist; **Type:** string **Supported Values:** drop, blacklist-src, ignore **Default:** drop **Mutual Exclusion:** ntp-monlist-action and ntp-monlist-action-list-name are mutually exclusive **ntp-monlist-action-list-name** **Description** Configure action-list to take for ntp-monlist **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** ntp-monlist-action-list-name and ntp-monlist-action are mutually exclusive **Reference Object:** :doc:`/axapi/v3/ddos/action-list ` .. _1276_known-resp-src-port-cfg: known-resp-src-port-cfg ^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **exclude-src-resp-port** **Description** Exclude src port equal to dst port **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **known-resp-src-port** **Description** Take action if src-port is less than 1024 **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **known-resp-src-port-action** **Description** 'drop': Drop packets from well-known src-port(Default); 'blacklist-src': Blacklist-src from well-known src-port; 'ignore': Ignore well-known src-port; **Type:** string **Supported Values:** drop, blacklist-src, ignore **Mutual Exclusion:** known-resp-src-port-action and known-resp-src-port-action-list-name are mutually exclusive **known-resp-src-port-action-list-name** **Description** Configure action-list to take for well-known src-port **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** known-resp-src-port-action-list-name and known-resp-src-port-action are mutually exclusive **Reference Object:** :doc:`/axapi/v3/ddos/action-list ` .. _1276_per-conn-pkt-rate-cfg: per-conn-pkt-rate-cfg ^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **per-conn-pkt-rate-action** **Description** 'drop': Drop packets for per-conn-pkt-rate exceed (Default); 'blacklist-src': help Blacklist-src for per-conn-pkt-rate exceed; 'ignore': Ignore per-conn-pkt-rate-exceed; **Type:** string **Supported Values:** drop, blacklist-src, ignore **Default:** drop **Mutual Exclusion:** per-conn-pkt-rate-action and per-conn-pkt-rate-action-list-name are mutually exclusive **per-conn-pkt-rate-action-list-name** **Description** Configure action-list to take for per-conn-pkt-rate exceed **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** per-conn-pkt-rate-action-list-name and per-conn-pkt-rate-action are mutually exclusive **Reference Object:** :doc:`/axapi/v3/ddos/action-list ` **per-conn-pkt-rate-limit** **Description** Packet rate limit per connection per rate-interval **Type:** number **Range:** 1-16000000 .. _1276_min-payload-size-cfg: min-payload-size-cfg ^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **min-payload-size** **Description** Minimum UDP payload size for each single packet **Type:** number **Range:** 1-1470 **min-payload-size-action** **Description** 'drop': Drop packets for min-payload-size (Default); 'blacklist-src': Blacklist-src for min-payload-size; 'ignore': Do nothing for min-payload-size exceed; **Type:** string **Supported Values:** drop, blacklist-src, ignore **Default:** drop **Mutual Exclusion:** min-payload-size-action and min-payload-size-action-list-name are mutually exclusive **min-payload-size-action-list-name** **Description** Configure action-list to take for min-payload-size exceed **Type:** string **Format:** string-rlx **Maximum Length:** 64 characters **Maximum Length:** 1 characters **Mutual Exclusion:** min-payload-size-action-list-name and min-payload-size-action are mutually exclusive **Reference Object:** :doc:`/axapi/v3/ddos/action-list ` .. _1276_filter-list: filter-list ^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **byte-offset-filter** **Description** Filter using Berkeley Packet Filter syntax **Type:** string **Format:** string-rlx **Maximum Length:** 1275 characters **Maximum Length:** 1 characters **udp-filter-action** **Description** 'drop': Drop packets (Default); 'ignore': Take no action; 'blacklist-src': Blacklist-src; 'authenticate-src': Authenticate-src; **Type:** string **Supported Values:** drop, ignore, blacklist-src, authenticate-src **Default:** drop **Mutual Exclusion:** udp-filter-action and udp-filter-action-list-name are mutually exclusive **udp-filter-action-list-name** **Description** Configure action-list to take **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** udp-filter-action-list-name and udp-filter-action are mutually exclusive **udp-filter-inverse-match** **Description** Inverse the result of the matching **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **udp-filter-name** **Description** **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **udp-filter-regex** **Description** Regex Expression **Type:** string **Format:** string-rlx **Maximum Length:** 1275 characters **Maximum Length:** 1 characters **udp-filter-seq** **Description** Sequence number **Type:** number **Range:** 1-200 **user-tag** **Description** Customized tag **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _1276_max-payload-size-cfg: max-payload-size-cfg ^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **max-payload-size** **Description** Maximum UDP payload size for each single packet **Type:** number **Range:** 1-1470 **max-payload-size-action** **Description** 'drop': Drop packets for max-payload-size exceed (Default); 'blacklist-src': Blacklist-src for max-payload-size exceed; 'ignore': Do nothing for max-payload-size exceed; **Type:** string **Supported Values:** drop, blacklist-src, ignore **Default:** drop **Mutual Exclusion:** max-payload-size-action and max-payload-size-action-list-name are mutually exclusive **max-payload-size-action-list-name** **Description** Configure action-list to take for max-payload-size exceed **Type:** string **Format:** string-rlx **Maximum Length:** 64 characters **Maximum Length:** 1 characters **Mutual Exclusion:** max-payload-size-action-list-name and max-payload-size-action are mutually exclusive **Reference Object:** :doc:`/axapi/v3/ddos/action-list `