ddos dst zone port zone-service virtualhosts virtualhost

Configure mitigation for virtualhost

virtualhost Specification

Parameter	Value
Type	Collection
Object Key(s)	vhost
Collection Name	virtualhost-list
Collection URI	/axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/virtualhosts/virtualhost
Element Name	virtualhost
Element URI	/axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/virtualhosts/virtualhost/{vhost}
Element Attributes	virtualhost_attributes
Partition Visibility	shared
Statistics Data URI	/axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/virtualhosts/virtualhost/{vhost}/stats
Operational Data URI	/axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/virtualhosts/virtualhost/{vhost}/oper
Schema	virtualhost schema

Operations Allowed:

Operation	Method	URI	Payload
Create Object	POST	/axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/virtualhosts/virtualhost	virtualhost attributes
Create List	POST	/axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/virtualhosts/virtualhost	virtualhost attributes
Get Object	GET	/axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/virtualhosts/virtualhost/{vhost}	virtualhost attributes
Get List	GET	/axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/virtualhosts/virtualhost	virtualhost-list
Modify Object	POST	/axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/virtualhosts/virtualhost/{vhost}	virtualhost attributes
Replace Object	PUT	/axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/virtualhosts/virtualhost/{vhost}	virtualhost attributes
Replace List	PUT	/axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/virtualhosts/virtualhost	virtualhost-list
Delete Object	DELETE	/axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/virtualhosts/virtualhost/{vhost}	virtualhost attributes

virtualhost-list

virtualhost-list is JSON List of virtualhost attributes

virtualhost-list : [

{ virtualhost attributes },

{ virtualhost attributes },

…

]

virtualhost attributes

deny

Description Blacklist and Drop all incoming packets for protocol

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

glid-cfg

Description: glid-cfg is a JSON Block. Please see below for glid-cfg

Type: Object

level-list

Type: List

Reference Object: /axapi/v3/ddos/dst/zone/{zone-name}/port/zone-service/{port-num}+{protocol}/virtualhosts/virtualhost/{vhost}/level/{level-num}

servername

Type: List

servername-list

Description Class List to match servername (AC type Class List Name)

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

servername-match-any

Description Match when there is no SNI or other servernames are not matched

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

servername-no-sni

Description Match when there is no SNI extension found

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

source-tracking

Description ‘follow’: enable creation of source entries when source-tracking-all is enabled (default); ‘enable’: enable creation of source entries on this virtualhost; ‘disable’: disable creation of source entries on this virtualhost;

Type: string

Supported Values: follow, enable, disable

Default: follow

user-tag

Description Customized tag

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

vhost

Description name for virtualhost

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

servername

Specification	Value
Type	list
Block object keys

host-match-string

Description SNI String

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

match-type

Description ‘contains’: match servername extension when contains this string; ‘ends-with’: match servername extension when ends with this string; ‘equals’: match servername extension when equals this string; ‘starts-with’: match servername extension when starts with this string;

Type: string

Supported Values: contains, ends-with, equals, starts-with

glid-cfg

Specification	Value
Type	object

glid

Description Global limit ID

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/glid

glid-action

Description ‘drop’: Drop packets for glid exceed; ‘ignore’: Do nothing for glid exceed;

Type: string

Supported Values: drop, ignore

level-list

Specification	Value
Type	list
Block object keys

glid-action

Description ‘drop’: Drop packets for glid exceed (Default); ‘blacklist-src’: Blacklist-src for glid exceed; ‘ignore’: Do nothing for glid exceed;

Type: string

Supported Values: drop, blacklist-src, ignore

level-num

Description ‘0’: Default policy level;

Type: string

Supported Values: 0

src-default-glid

Description Global limit ID

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Reference Object: /axapi/v3/glid

user-tag

Description Customized tag

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

zone-template

Description: zone-template is a JSON Block. Please see below for level-list_zone-template

Type: Object

level-list_zone-template

Specification	Value
Type	object

ssl-l4

Description DDOS ssl-l4 template

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

tcp

Description DDOS tcp template

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters