ddos dst zone ip-proto proto-tcp-udp

DDOS IP protocol configuration

proto-tcp-udp Specification

   
Type Collection
Object Key(s) protocol
Collection Name proto-tcp-udp-list
Collection URI /axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp
Element Name proto-tcp-udp
Element URI /axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp/{protocol}
Element Attributes proto-tcp-udp_attributes
Statistics Data URI /axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp/{protocol}/stats
Operational Data URI /axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp/{protocol}/oper
Schema proto-tcp-udp schema

Operations Allowed:

OperationMethodURIPayload

Create Object

POST

/axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp

proto-tcp-udp attributes

Create List

POST

/axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp

proto-tcp-udp attributes

Get Object

GET

/axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp/{protocol}

proto-tcp-udp attributes

Get List

GET

/axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp

proto-tcp-udp-list

Modify Object

POST

/axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp/{protocol}

proto-tcp-udp attributes

Replace Object

PUT

/axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp/{protocol}

proto-tcp-udp attributes

Replace List

PUT

/axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp

proto-tcp-udp-list

Delete Object

DELETE

/axapi/v3/ddos/dst/zone/{zone-name}/ip-proto/proto-tcp-udp/{protocol}

proto-tcp-udp attributes

proto-tcp-udp-list

proto-tcp-udp-list is JSON List of proto-tcp-udp attributes

proto-tcp-udp-list : [

proto-tcp-udp attributes

drop-frag-pkt

Description Drop fragmented packets

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

glid-cfg

Description: glid-cfg is a JSON Block. Please see below for glid-cfg

Type: Object

protocol

Description ‘tcp’: ip-proto tcp; ‘udp’: ip-proto udp;

Type: string

Supported Values: tcp, udp

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

glid-cfg

Specification  
Type object

glid

Description Global limit ID for the whole zone

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Refernce Object: /axapi/v3/glid

glid-action

Description ‘drop’: Drop packets for glid exceed (Default); ‘blacklist-src’: Blacklist-src for glid exceed; ‘ignore’: Do nothing for glid exceed;

Type: string

Supported Values: drop, blacklist-src, ignore

per-addr-glid

Description Global limit ID per address

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Refernce Object: /axapi/v3/glid

stats tcp-zone-port

  Counter Size Description
       
  src_ack_auth_fail 8 Src ACK Retry Failed
  src_well_known_port 8 Src TCP SrcPort Wellknown
  tcp_rexmit_syn_limit_drop 8 TCP SYN Retransmit Exceed Drop
  secondary_port_kbit_rate_exceed_pkt 8 Per Addr-Port KiBit Rate Exceeded Count
  outbound_port_bytes_sent 8 Outbound Bytes Forwarded
  auth_drop 8 TCP Auth Dropped
  filter_total_not_match 8 Filter Total Not Matched
  src_ack_retry_gap_drop 8 Src ACK Retry Retry-Gap Failed
  filter4_match 8 Filter4 Match
  sess_aged 8 Sessions Aged Out
  conn_close 8 Connections Closed
  syn_auth_fail 8 SYN Auth Failed
  syn_retry_init 8 SYN Retry Init
  secondary_port_kbit_rate_exceed 8 Per Addr-Port KiBit Rate Exceeded
  wellknown_sport_drop 8 TCP SrcPort Wellknown
  conn_rexmit_rate_excd 8 TCP Conn Retransmit Rate Exceeded
  outbound_port_bytes 8 Outbound Bytes Received
  out_of_seq_excd 8 Out-Of-Seq Exceeded
  conn_close_w_rst 8 RST Connections Closed
  port_src_escalation 8 Src Escalation
  filter_action_default_pass 8 Filter Action Default Pass
  src_ack_retry_rto_progress 8 Src ACK Retry RTO Progress
  src_filter_action_blacklist 8 Src Filter Action Blacklist
  src_retransmit_excd 8 Src Retransmit Exceeded
  tcp_rexmit_syn_limit_bl 8 TCP SYN Retransmit Exceed Blacklist
  outbound_port_drop 8 Outbound Packets Dropped
  filter5_match 8 Filter5 Match
  secondary_port_conn_rate_exceed 8 Per Addr-Port Conn Rate Exceeded
  port_bytes 8 Inbound Bytes Received
  src_filter_action_default_pass 8 Src Filter Action Default Pass
  syn_cookie_fail 8 SYN Cookie Failed
  src_syn_retry_rto_fail 8 Src SYN Retry RTO Failed
  syn_retry_rto_progress 8 SYN Retry RTO Progress
  src_conn_rexmit_rate_excd 8 Src TCP Conn Retransmit Rate Exceeded
  src_out_of_seq_excd 8 Src Out-Of-Seq Exceeded
  rst_cookie_fail 8 RST Cookie Failed
  ack_retry_rto_fail 8 ACK Retry RTO Failed
  frag_rcvd 8 Frag Received
  src_syn_retry_init 8 Src SYN Retry Init
  outbound_port_bytes_drop 8 Outbound Bytes Dropped
  syn_retry_rto_pass 8 SYN Retry RTO Passed
  bl 8 Dst Blacklisted
  filter1_match 8 Filter1 Match
  auth_resp 8 TCP Auth Responded
  sess_create_inbound 8 Inbound Sessions Created
  filter_auth_fail 8 Filter Auth Failed
  conn_create_from_syn 8 Connections Created From SYN
  exceed_drop_brate_src_pkt 8 Src KiBit Rate Exceeded Count
  secondary_port_conn_limm_exceed 8 Per Addr-Port Conn Limit Exceeded
  src_zero_window_excd 8 Src Zero-Window Exceeded
  ack_auth_fail 8 ACK Retry Failed
  src_drop 8 Src Packets Dropped
  src_conn_ofo_rate_excd 8 Src TCP Conn Out-Of-Seq Rate Exceeded
  syn_retry_gap_drop 8 SYN Retry-Gap Failed
  conn_create_from_ack 8 Connections Created From ACK
  filter_none_match 8 Filter Not Matched
  src_syn_retry_gap_drop 8 Src SYN Retry-Gap Failed
  syn_drop 8 SYN Dropped
  port_conn_rate_exceed 8 Conn Rate Exceeded
  port_kbit_rate_exceed_pkt 8 KiBit Rate Exceeded Count
  unauth_drop 8 TCP Unauth Dropped
  src_syn_cookie_sent 8 Src SYN Cookie Sent
  port_bytes_sent 8 Inbound Bytes Forwarded
  exceed_drop_brate_src 8 Src KiBit Rate Exceeded
  port_kbit_rate_exceed 8 KiBit Rate Exceeded
  src_unauth_drop 8 Src TCP Unauth Dropped
  filter_action_whitelist 8 Filter Action WL
  src_conn_pkt_rate_excd 8 Src TCP Conn Pkt Rate Exceeded
  port_src_bl 8 Src Blacklisted
  outbound_port_pkt_sent 8 Outbound Packets Forwarded
  sess_create_outbound 8 Outbound Sessions Created
  conn_close_w_fin 8 FIN Connections Closed
  src_ack_retry_rto_pass 8 Src ACK Retry RTO Passed
  src_conn_zwindow_rate_excd 8 Src TCP Conn Zero-Window Rate Exceeded
  src_ack_retry_init 8 Src ACK Retry Init
  filter_action_blacklist 8 Filter Action Blacklist
  port_pkt_sent 8 Inbound Packets Forwarded
  syn_auth_pass 8 SYN Auth Passed
  syn_retry_rto_fail 8 SYN Retry RTO Failed
  syn_cookie_sent 8 SYN Cookie Sent
  retransmit_excd 8 Retransmit Exceeded
  src_syn_auth_fail 8 Src SYN Auth Failed
  src_filter_action_whitelist 8 Src Filter Action WL
  zero_window_excd 8 Zero-Window Exceeded
  conn_ofo_rate_excd 8 TCP Conn Out-Of-Seq Rate Exceeded
  filter2_match 8 Filter2 Match
  frag_drop 8 Frag Dropped
  port_conn_limm_exceed 8 Conn Limit Exceeded
  filter3_match 8 Filter3 Match
  exceed_drop_climit_src 8 Src Conn Limit Exceeded
  conn_close_w_idle 8 Idle Connections Closed
  secondary_port_pkt_rate_exceed 8 Per Addr-Port Packet Rate Exceeded
  sess_create 8 Session Create
  port_bytes_drop 8 Inbound Bytes Dropped
  exceed_drop_prate_src 8 Src Pkt Rate Exceeded
  ack_retry_pass 8 ACK Retry Passed
  src_syn_cookie_fail 8 Src SYN Cookie Failed
  syn_retry_failed 8 SYN Retry Failed
  ack_retry_init 8 ACK Retry Init
  ack_retry_gap_drop 8 ACK Retry Retry-Gap Failed
  syn_retry_pass 8 SYN Retry Passed
  current_es_level 8 Current Escalation Level
  src_syn_retry_failed 8 Src SYN Retry Failed
  filter_action_drop 8 Filter Action Drop
  src_ack_retry_rto_fail 8 Src ACK Retry RTO Failed
  conn_zwindow_rate_excd 8 TCP Conn Zero-Window Rate Exceeded
  ack_retry_rto_progress 8 ACK Retry RTO Progress
  port_pkt_rate_exceed 8 Packet Rate Exceeded
  port_drop 8 Inbound Packets Dropped
  ack_retry_rto_pass 8 ACK Retry RTO Passed
  outbound_port_rcvd 8 Outbound Packets Received
  src_syn_retry_rto_pass 8 Src SYN Retry RTO Passed
  port_rcvd 8 Inbound Packets Received
  conn_close_half_open 8 Half Open Connections Closed
  src_syn_retry_rto_progress 8 Src SYN Retry RTO Progress
  conn_prate_excd 8 TCP Conn Pkt Rate Exceeded
  exceed_drop_crate_src 8 Src Conn Rate Exceeded
  src_rst_cookie_fail 8 Src RST Cookie Failed
  src_filter_action_drop 8 Src Filter Action Drop

stats udp-zone-port

  Counter Size Description
       
  filter_none_match 8 Filter Not Matched
  port_conn_limm_exceed 8 Conn Limit Exceeded
  filter3_match 8 Filter3 Match
  ntp_monlist_req 8 NTP Monlist Request
  outbound_port_drop 8 Outbound Packets Dropped
  payload_too_big 8 UDP Payload Too Large
  secondary_port_pkt_rate_exceed 8 Per Addr-Port Packet Rate Exceeded
  sess_create 8 Session Create
  port_conn_rate_exceed 8 Conn Rate Exceeded
  filter5_match 8 Filter5 Match
  exceed_drop_prate_src 8 Src Pkt Rate Exceeded
  outbound_port_bytes_sent 8 Outbound Bytes Forwarded
  sess_create_inbound 8 Inbound Sessions Created
  secondary_port_conn_rate_exceed 8 Per Addr-Port Conn Rate Exceeded
  exceed_drop_climit_src 8 Src Conn Limit Exceeded
  udp_auth_drop 8 UDP Auth Dropped
  src_udp_retry_gap_drop 8 Src UDP Retry Retry-Gap Failed
  src_ntp_monlist_req 8 Src NTP Monlist Request
  filter4_match 8 Filter4 Match
  spoof_detect_fail 8 UDP Retry Failed
  sess_create_outbound 8 Outbound Sessions Created
  sess_aged 8 Sessions Aged Out
  port_bytes_sent 8 Inbound Bytes Forwarded
  exceed_drop_brate_src 8 Src KiBit Rate Exceeded
  port_kbit_rate_exceed_pkt 8 KiBit Rate Exceeded Count
  port_kbit_rate_exceed 8 KiBit Rate Exceeded
  udp_retry_gap_drop 8 UDP Retry Retry-Gap Failed
  payload_too_small 8 UDP Payload Too Small
  src_filter_action_whitelist 8 Src Filter Action Whitelist
  src_ntp_monlist_resp 8 Src NTP Monlist Response
  filter_action_default_pass 8 Filter Action Default Pass
  filter_action_whitelist 8 Filter Action Whitelist
  src_conn_pkt_rate_excd 8 Src UDP Conn Pkt Rate Exceeded
  port_src_bl 8 Src Blacklisted
  src_filter_action_default_pass 8 Src Filter Action Default Pass
  outbound_port_bytes_drop 8 Outbound Bytes Dropped
  outbound_port_pkt_sent 8 Outbound Packets Forwarded
  wellknown_sport_drop 8 UDP SrcPort Wellknown
  udp_retry_init 8 UDP Retry Init
  bl 8 Dst Blacklisted
  current_es_level 8 Current Escalation Level
  ntp_monlist_resp 8 NTP Monlist Response
  filter_action_drop 8 Filter Action Drop
  filter1_match 8 Filter1 Match
  filter_auth_fail 8 Filter Auth Failed
  src_udp_retry_init 8 Src UDP Retry Init
  exceed_drop_brate_src_pkt 8 Src KiBit Rate Exceeded Count
  src_payload_too_big 8 Src UDP Payload Too Large
  src_well_known_port 8 Src UDP SrcPort Wellknown
  secondary_port_conn_limm_exceed 8 Per Addr-Port Conn Limit Exceeded
  filter_action_blacklist 8 Filter Action Blacklist
  port_pkt_rate_exceed 8 Packet Rate Exceeded
  port_pkt_sent 8 Inbound Packets Forwarded
  udp_retry_pass 8 UDP Retry Passed
  src_filter_action_blacklist 8 Src Filter Action Blacklist
  outbound_port_rcvd 8 Outbound Packets Received
  port_bytes_drop 8 Inbound Bytes Dropped
  outbound_port_bytes 8 Outbound Bytes Received
  secondary_port_kbit_rate_exceed 8 Per Addr-Port KiBit Rate Exceeded
  port_rcvd 8 Inbound Packets Received
  port_src_escalation 8 Src Escalation
  src_drop 8 Src Packets Dropped
  port_bytes 8 Inbound Bytes Received
  frag_rcvd 8 Frag Received
  src_payload_too_small 8 Src UDP Payload Too Small
  conn_prate_excd 8 UDP Conn Pkt Rate Exceeded
  exceed_drop_crate_src 8 Src Conn Rate Exceeded
  filter2_match 8 Filter2 Match
  frag_drop 8 Frag Dropped
  port_drop 8 Inbound Packets Dropped
  secondary_port_kbit_rate_exceed_pkt 8 Per Addr-Port KiBit Rate Exceeded Count
  src_filter_action_drop 8 Src Filter Action Drop

operational data

  Counter Size Description
       
  overflow-policy flag overflow-policy
  class-list string class-list
  entry-displayed-count number entry-displayed-count
  subnet-ip-addr ipv4-cidr subnet-ip-addr
  ddos_entry_list   ddos_entry_list
  service-displayed-count number service-displayed-count
  sources flag sources
  ipv6 ipv6-address ipv6
  sources-all-entries flag sources-all-entries
  subnet-ipv6-addr ipv6-address-plen subnet-ipv6-addr