ddos dst default l4-type¶
DDOS L4 type
l4-type Specification¶
Parameter Value Type Collection Object Key(s) protocol Collection Name l4-type-list Collection URI /axapi/v3/ddos/dst/default/{default-address-type}/l4-type Element Name l4-type Element URI /axapi/v3/ddos/dst/default/{default-address-type}/l4-type/{protocol} Element Attributes l4-type_attributes Partition Visibility shared Schema l4-type schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Create Object | POST | /axapi/v3/ddos/dst/default/{default-address-type}/l4-type | ||
Create List | POST | /axapi/v3/ddos/dst/default/{default-address-type}/l4-type | ||
Get Object | GET | /axapi/v3/ddos/dst/default/{default-address-type}/l4-type/{protocol} | ||
Get List | GET | /axapi/v3/ddos/dst/default/{default-address-type}/l4-type | ||
Modify Object | POST | /axapi/v3/ddos/dst/default/{default-address-type}/l4-type/{protocol} | ||
Replace Object | PUT | /axapi/v3/ddos/dst/default/{default-address-type}/l4-type/{protocol} | ||
Replace List | PUT | /axapi/v3/ddos/dst/default/{default-address-type}/l4-type | ||
Delete Object | DELETE | /axapi/v3/ddos/dst/default/{default-address-type}/l4-type/{protocol} |
l4-type-list¶
l4-type-list is JSON List of l4-type attributes
l4-type-list : [
]
l4-type attributes¶
deny
Description Blacklist and Drop all incoming packets for protocol
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
disable-syn-auth
Description Disable TCP SYN Authentication
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
drop-frag-pkt
Description Drop fragmented packets
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
drop-on-no-port-match
Description ‘disable’: disable; ‘enable’: enable;
Type: string
Supported Values: disable, enable
Default: enable
glid
Description Global limit ID
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/glid
max-rexmit-syn-per-flow
Description Maximum number of re-transmit SYN per flow. Exceed action set to Drop
Type: number
Range: 1-6
protocol
Description ‘tcp’: tcp; ‘udp’: udp; ‘icmp’: icmp; ‘other’: other;
Type: string
Supported Values: tcp, udp, icmp, other
stateful
Description Enable stateful tracking of sessions (Default is stateless)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
syn-auth
Description ‘send-rst’: Send RST to client upon client ACK; ‘force-rst-by-ack’: Force client RST via the use of ACK; ‘force-rst-by-synack’: Force client RST via the use of bad SYN|ACK; ‘disable’: Disable TCP SYN Authentication;
Type: string
Supported Values: send-rst, force-rst-by-ack, force-rst-by-synack, disable
Default: send-rst
syn-cookie
Description Enable SYN Cookie
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
tcp-reset-client
Description Send reset to client when rate exceeds or session ages out
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
tcp-reset-server
Description Send reset to server when rate exceeds or session ages out
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
tunnel-decap
Description: tunnel-decap is a JSON Block. Please see below for tunnel-decap
Type: Object
tunnel-rate-limit
Description: tunnel-rate-limit is a JSON Block. Please see below for tunnel-rate-limit
Type: Object
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
tunnel-rate-limit¶
Specification Value Type object gre-rate-limit
Description Enable inner IP rate limiting on GRE traffic
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
ip-rate-limit
Description Enable inner IP rate limiting on IPinIP traffic
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
tunnel-decap¶
Specification Value Type object gre-decap
Description Enable GRE Tunnel decapsulation
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
ip-decap
Description Enable IP Tunnel decapsulation
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
key-cfg
Type: List
tunnel-decap_key-cfg¶
Specification Value Type list Block object keys key
Description Only decapsulate GRE packet with this key (Hexadecimal 0x0-0xFFFFFFFF,decimal 0-4294967295)
Type: string
Maximum Length: 10 characters
Maximum Length: 1 characters