ddos dst zone ip-proto proto-tcp-udp¶
DDOS IP protocol configuration
proto-tcp-udp Specification¶
Type Collection Object Key(s) protocol Collection Name proto-tcp-udp-list Collection URI /axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp Element Name proto-tcp-udp Element URI /axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp/{protocol} Element Attributes proto-tcp-udp_attributes Statistics Data URI /axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp/{protocol}/stats Operational Data URI /axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp/{protocol}/oper Schema proto-tcp-udp schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Create Object | POST | /axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp | ||
Create List | POST | /axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp | ||
Get Object | GET | /axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp/{protocol} | ||
Get List | GET | /axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp | ||
Modify Object | POST | /axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp/{protocol} | ||
Replace Object | PUT | /axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp/{protocol} | ||
Replace List | PUT | /axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp | ||
Delete Object | DELETE | /axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp/{protocol} |
proto-tcp-udp-list¶
proto-tcp-udp-list is JSON List of proto-tcp-udp attributes
proto-tcp-udp-list : [
]
proto-tcp-udp attributes¶
drop-frag-pkt
Description Drop fragmented packets
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
glid-cfg
Description: glid-cfg is a JSON Block. Please see below for glid-cfg
Type: Object
protocol
Description ‘tcp’: ip-proto tcp; ‘udp’: ip-proto udp;
Type: string
Supported Values: tcp, udp
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
glid-cfg¶
Specification Type object glid
Description Global limit ID for the whole zone
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/glid
glid-action
Description ‘drop’: Drop packets for glid exceed (Default); ‘blacklist-src’: Blacklist-src for glid exceed; ‘ignore’: Do nothing for glid exceed;
Type: string
Supported Values: drop, blacklist-src, ignore
per-addr-glid
Description Global limit ID per address
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Refernce Object: /axapi/v3/glid
stats tcp-zone-port¶
| Counter | Size | Description | |
|---|---|---|---|
| src_ack_auth_fail | 8 | Src ACK Retry Failed | |
| src_well_known_port | 8 | Src TCP SrcPort Wellknown | |
| tcp_rexmit_syn_limit_drop | 8 | TCP SYN Retransmit Exceed Drop | |
| secondary_port_kbit_rate_exceed_pkt | 8 | Per Addr-Port KiBit Rate Exceeded Count | |
| outbound_port_bytes_sent | 8 | Outbound Bytes Forwarded | |
| auth_drop | 8 | TCP Auth Dropped | |
| filter_total_not_match | 8 | Filter Total Not Matched | |
| src_ack_retry_gap_drop | 8 | Src ACK Retry Retry-Gap Failed | |
| filter4_match | 8 | Filter4 Match | |
| sess_aged | 8 | Sessions Aged Out | |
| conn_close | 8 | Connections Closed | |
| syn_auth_fail | 8 | SYN Auth Failed | |
| syn_retry_init | 8 | SYN Retry Init | |
| secondary_port_kbit_rate_exceed | 8 | Per Addr-Port KiBit Rate Exceeded | |
| wellknown_sport_drop | 8 | TCP SrcPort Wellknown | |
| conn_rexmit_rate_excd | 8 | TCP Conn Retransmit Rate Exceeded | |
| outbound_port_bytes | 8 | Outbound Bytes Received | |
| out_of_seq_excd | 8 | Out-Of-Seq Exceeded | |
| conn_close_w_rst | 8 | RST Connections Closed | |
| port_src_escalation | 8 | Src Escalation | |
| filter_action_default_pass | 8 | Filter Action Default Pass | |
| src_ack_retry_rto_progress | 8 | Src ACK Retry RTO Progress | |
| src_filter_action_blacklist | 8 | Src Filter Action Blacklist | |
| src_retransmit_excd | 8 | Src Retransmit Exceeded | |
| tcp_rexmit_syn_limit_bl | 8 | TCP SYN Retransmit Exceed Blacklist | |
| outbound_port_drop | 8 | Outbound Packets Dropped | |
| filter5_match | 8 | Filter5 Match | |
| secondary_port_conn_rate_exceed | 8 | Per Addr-Port Conn Rate Exceeded | |
| port_bytes | 8 | Inbound Bytes Received | |
| src_filter_action_default_pass | 8 | Src Filter Action Default Pass | |
| syn_cookie_fail | 8 | SYN Cookie Failed | |
| src_syn_retry_rto_fail | 8 | Src SYN Retry RTO Failed | |
| syn_retry_rto_progress | 8 | SYN Retry RTO Progress | |
| src_conn_rexmit_rate_excd | 8 | Src TCP Conn Retransmit Rate Exceeded | |
| src_out_of_seq_excd | 8 | Src Out-Of-Seq Exceeded | |
| rst_cookie_fail | 8 | RST Cookie Failed | |
| ack_retry_rto_fail | 8 | ACK Retry RTO Failed | |
| frag_rcvd | 8 | Frag Received | |
| src_syn_retry_init | 8 | Src SYN Retry Init | |
| outbound_port_bytes_drop | 8 | Outbound Bytes Dropped | |
| syn_retry_rto_pass | 8 | SYN Retry RTO Passed | |
| bl | 8 | Dst Blacklisted | |
| filter1_match | 8 | Filter1 Match | |
| auth_resp | 8 | TCP Auth Responded | |
| sess_create_inbound | 8 | Inbound Sessions Created | |
| filter_auth_fail | 8 | Filter Auth Failed | |
| conn_create_from_syn | 8 | Connections Created From SYN | |
| exceed_drop_brate_src_pkt | 8 | Src KiBit Rate Exceeded Count | |
| secondary_port_conn_limm_exceed | 8 | Per Addr-Port Conn Limit Exceeded | |
| src_zero_window_excd | 8 | Src Zero-Window Exceeded | |
| ack_auth_fail | 8 | ACK Retry Failed | |
| src_drop | 8 | Src Packets Dropped | |
| src_conn_ofo_rate_excd | 8 | Src TCP Conn Out-Of-Seq Rate Exceeded | |
| syn_retry_gap_drop | 8 | SYN Retry-Gap Failed | |
| conn_create_from_ack | 8 | Connections Created From ACK | |
| filter_none_match | 8 | Filter Not Matched | |
| src_syn_retry_gap_drop | 8 | Src SYN Retry-Gap Failed | |
| syn_drop | 8 | SYN Dropped | |
| port_conn_rate_exceed | 8 | Conn Rate Exceeded | |
| port_kbit_rate_exceed_pkt | 8 | KiBit Rate Exceeded Count | |
| unauth_drop | 8 | TCP Unauth Dropped | |
| src_syn_cookie_sent | 8 | Src SYN Cookie Sent | |
| port_bytes_sent | 8 | Inbound Bytes Forwarded | |
| exceed_drop_brate_src | 8 | Src KiBit Rate Exceeded | |
| port_kbit_rate_exceed | 8 | KiBit Rate Exceeded | |
| src_unauth_drop | 8 | Src TCP Unauth Dropped | |
| filter_action_whitelist | 8 | Filter Action WL | |
| src_conn_pkt_rate_excd | 8 | Src TCP Conn Pkt Rate Exceeded | |
| port_src_bl | 8 | Src Blacklisted | |
| outbound_port_pkt_sent | 8 | Outbound Packets Forwarded | |
| sess_create_outbound | 8 | Outbound Sessions Created | |
| conn_close_w_fin | 8 | FIN Connections Closed | |
| src_ack_retry_rto_pass | 8 | Src ACK Retry RTO Passed | |
| src_conn_zwindow_rate_excd | 8 | Src TCP Conn Zero-Window Rate Exceeded | |
| src_ack_retry_init | 8 | Src ACK Retry Init | |
| filter_action_blacklist | 8 | Filter Action Blacklist | |
| port_pkt_sent | 8 | Inbound Packets Forwarded | |
| syn_auth_pass | 8 | SYN Auth Passed | |
| syn_retry_rto_fail | 8 | SYN Retry RTO Failed | |
| syn_cookie_sent | 8 | SYN Cookie Sent | |
| retransmit_excd | 8 | Retransmit Exceeded | |
| src_syn_auth_fail | 8 | Src SYN Auth Failed | |
| src_filter_action_whitelist | 8 | Src Filter Action WL | |
| zero_window_excd | 8 | Zero-Window Exceeded | |
| conn_ofo_rate_excd | 8 | TCP Conn Out-Of-Seq Rate Exceeded | |
| filter2_match | 8 | Filter2 Match | |
| frag_drop | 8 | Frag Dropped | |
| port_conn_limm_exceed | 8 | Conn Limit Exceeded | |
| filter3_match | 8 | Filter3 Match | |
| exceed_drop_climit_src | 8 | Src Conn Limit Exceeded | |
| conn_close_w_idle | 8 | Idle Connections Closed | |
| secondary_port_pkt_rate_exceed | 8 | Per Addr-Port Packet Rate Exceeded | |
| sess_create | 8 | Session Create | |
| port_bytes_drop | 8 | Inbound Bytes Dropped | |
| exceed_drop_prate_src | 8 | Src Pkt Rate Exceeded | |
| ack_retry_pass | 8 | ACK Retry Passed | |
| src_syn_cookie_fail | 8 | Src SYN Cookie Failed | |
| syn_retry_failed | 8 | SYN Retry Failed | |
| ack_retry_init | 8 | ACK Retry Init | |
| ack_retry_gap_drop | 8 | ACK Retry Retry-Gap Failed | |
| syn_retry_pass | 8 | SYN Retry Passed | |
| current_es_level | 8 | Current Escalation Level | |
| src_syn_retry_failed | 8 | Src SYN Retry Failed | |
| filter_action_drop | 8 | Filter Action Drop | |
| src_ack_retry_rto_fail | 8 | Src ACK Retry RTO Failed | |
| conn_zwindow_rate_excd | 8 | TCP Conn Zero-Window Rate Exceeded | |
| ack_retry_rto_progress | 8 | ACK Retry RTO Progress | |
| port_pkt_rate_exceed | 8 | Packet Rate Exceeded | |
| port_drop | 8 | Inbound Packets Dropped | |
| ack_retry_rto_pass | 8 | ACK Retry RTO Passed | |
| outbound_port_rcvd | 8 | Outbound Packets Received | |
| src_syn_retry_rto_pass | 8 | Src SYN Retry RTO Passed | |
| port_rcvd | 8 | Inbound Packets Received | |
| conn_close_half_open | 8 | Half Open Connections Closed | |
| src_syn_retry_rto_progress | 8 | Src SYN Retry RTO Progress | |
| conn_prate_excd | 8 | TCP Conn Pkt Rate Exceeded | |
| exceed_drop_crate_src | 8 | Src Conn Rate Exceeded | |
| src_rst_cookie_fail | 8 | Src RST Cookie Failed | |
| src_filter_action_drop | 8 | Src Filter Action Drop |
stats udp-zone-port¶
| Counter | Size | Description | |
|---|---|---|---|
| filter_none_match | 8 | Filter Not Matched | |
| port_conn_limm_exceed | 8 | Conn Limit Exceeded | |
| filter3_match | 8 | Filter3 Match | |
| ntp_monlist_req | 8 | NTP Monlist Request | |
| outbound_port_drop | 8 | Outbound Packets Dropped | |
| payload_too_big | 8 | UDP Payload Too Large | |
| secondary_port_pkt_rate_exceed | 8 | Per Addr-Port Packet Rate Exceeded | |
| sess_create | 8 | Session Create | |
| port_conn_rate_exceed | 8 | Conn Rate Exceeded | |
| filter5_match | 8 | Filter5 Match | |
| exceed_drop_prate_src | 8 | Src Pkt Rate Exceeded | |
| outbound_port_bytes_sent | 8 | Outbound Bytes Forwarded | |
| sess_create_inbound | 8 | Inbound Sessions Created | |
| secondary_port_conn_rate_exceed | 8 | Per Addr-Port Conn Rate Exceeded | |
| exceed_drop_climit_src | 8 | Src Conn Limit Exceeded | |
| udp_auth_drop | 8 | UDP Auth Dropped | |
| src_udp_retry_gap_drop | 8 | Src UDP Retry Retry-Gap Failed | |
| src_ntp_monlist_req | 8 | Src NTP Monlist Request | |
| filter4_match | 8 | Filter4 Match | |
| spoof_detect_fail | 8 | UDP Retry Failed | |
| sess_create_outbound | 8 | Outbound Sessions Created | |
| sess_aged | 8 | Sessions Aged Out | |
| port_bytes_sent | 8 | Inbound Bytes Forwarded | |
| exceed_drop_brate_src | 8 | Src KiBit Rate Exceeded | |
| port_kbit_rate_exceed_pkt | 8 | KiBit Rate Exceeded Count | |
| port_kbit_rate_exceed | 8 | KiBit Rate Exceeded | |
| udp_retry_gap_drop | 8 | UDP Retry Retry-Gap Failed | |
| payload_too_small | 8 | UDP Payload Too Small | |
| src_filter_action_whitelist | 8 | Src Filter Action Whitelist | |
| src_ntp_monlist_resp | 8 | Src NTP Monlist Response | |
| filter_action_default_pass | 8 | Filter Action Default Pass | |
| filter_action_whitelist | 8 | Filter Action Whitelist | |
| src_conn_pkt_rate_excd | 8 | Src UDP Conn Pkt Rate Exceeded | |
| port_src_bl | 8 | Src Blacklisted | |
| src_filter_action_default_pass | 8 | Src Filter Action Default Pass | |
| outbound_port_bytes_drop | 8 | Outbound Bytes Dropped | |
| outbound_port_pkt_sent | 8 | Outbound Packets Forwarded | |
| wellknown_sport_drop | 8 | UDP SrcPort Wellknown | |
| udp_retry_init | 8 | UDP Retry Init | |
| bl | 8 | Dst Blacklisted | |
| current_es_level | 8 | Current Escalation Level | |
| ntp_monlist_resp | 8 | NTP Monlist Response | |
| filter_action_drop | 8 | Filter Action Drop | |
| filter1_match | 8 | Filter1 Match | |
| filter_auth_fail | 8 | Filter Auth Failed | |
| src_udp_retry_init | 8 | Src UDP Retry Init | |
| exceed_drop_brate_src_pkt | 8 | Src KiBit Rate Exceeded Count | |
| src_payload_too_big | 8 | Src UDP Payload Too Large | |
| src_well_known_port | 8 | Src UDP SrcPort Wellknown | |
| secondary_port_conn_limm_exceed | 8 | Per Addr-Port Conn Limit Exceeded | |
| filter_action_blacklist | 8 | Filter Action Blacklist | |
| port_pkt_rate_exceed | 8 | Packet Rate Exceeded | |
| port_pkt_sent | 8 | Inbound Packets Forwarded | |
| udp_retry_pass | 8 | UDP Retry Passed | |
| src_filter_action_blacklist | 8 | Src Filter Action Blacklist | |
| outbound_port_rcvd | 8 | Outbound Packets Received | |
| port_bytes_drop | 8 | Inbound Bytes Dropped | |
| outbound_port_bytes | 8 | Outbound Bytes Received | |
| secondary_port_kbit_rate_exceed | 8 | Per Addr-Port KiBit Rate Exceeded | |
| port_rcvd | 8 | Inbound Packets Received | |
| port_src_escalation | 8 | Src Escalation | |
| src_drop | 8 | Src Packets Dropped | |
| port_bytes | 8 | Inbound Bytes Received | |
| frag_rcvd | 8 | Frag Received | |
| src_payload_too_small | 8 | Src UDP Payload Too Small | |
| conn_prate_excd | 8 | UDP Conn Pkt Rate Exceeded | |
| exceed_drop_crate_src | 8 | Src Conn Rate Exceeded | |
| filter2_match | 8 | Filter2 Match | |
| frag_drop | 8 | Frag Dropped | |
| port_drop | 8 | Inbound Packets Dropped | |
| secondary_port_kbit_rate_exceed_pkt | 8 | Per Addr-Port KiBit Rate Exceeded Count | |
| src_filter_action_drop | 8 | Src Filter Action Drop |
operational data¶
| Counter | Size | Description | |
|---|---|---|---|
| overflow-policy | flag | overflow-policy | |
| class-list | string | class-list | |
| entry-displayed-count | number | entry-displayed-count | |
| subnet-ip-addr | ipv4-cidr | subnet-ip-addr | |
| ddos_entry_list | ddos_entry_list | ||
| service-displayed-count | number | service-displayed-count | |
| sources | flag | sources | |
| ipv6 | ipv6-address | ipv6 | |
| sources-all-entries | flag | sources-all-entries | |
| subnet-ipv6-addr | ipv6-address-plen | subnet-ipv6-addr |