mirror of
https://github.com/pavel-odintsov/fastnetmon
synced 2024-05-27 17:16:14 +02:00
version 0.3 changes
This commit is contained in:
parent
7ba4629012
commit
e1eef5e94f
|
@ -1,22 +1,30 @@
|
|||
#A10 Networks Thunder TPS Appliance AXAPIv3 integration for FastNetMon
|
||||
|
||||
This script connect to A10 Thunder TPS Appliance to create Protected Object and announce BGP route toward upstream router upon FastNetMon ban detection.
|
||||
##Prerequisites:
|
||||
|
||||
1. Indicate the fastnetmon_a10_xx.py script as the executed script under /etc/fastnetmon.conf, i.e. notify_script_path=<path>/fastnetmon_a10_v0.2.py.
|
||||
2. Alternatively, place all files in a directory that is reachable by FastNetMon and indicate it as the executed script in /etc/fastnetmon.conf.
|
||||
3. Make sure both Python scripts are executable, i.e. "chmod +x a10.py fastnetmon_a10_v0.2.py"
|
||||
1. A10 Thunder TPS with AXAPIv3. More information on AXAPIv3: https://www.a10networks.com/resources/glossary/axapi-custom-management.
|
||||
2. Network topology is Asymmetric Reactive with BGP as the routing Protocol. A10 Thunder TPS peers with the upstream router.
|
||||
|
||||
Please modify the following:
|
||||
##Overview:
|
||||
|
||||
1. This script connect to A10 Thunder TPS Appliance via AXAPIv3 to create Protected Object.
|
||||
2. The traffic is onramped via announce BGP route toward upstream router upon FastNetMon ban detection.
|
||||
3. The BGP route is withdrawn upon unban instruction from FastNetMon.
|
||||
4. [Important] Please note that the script works in conjection with the tps_base_config_v[xx].txt and tps_zone_config_v[xx].txt files. For example, the script assumes the 'bgp advertised' command is configured under 'ddos dst zone' to advertise the BGP route. Please consult with www.a10networks.com for the latest commands and configuration guides.
|
||||
4.1 As a matter of reference, the tps_base_config and tps_zone_config configuration files were provided in .txt format under configs/ folder as well as in JSon format under json_configs/ folder. But the assumption is they were pre-configured prior to FastNetMon ban/unban actions.
|
||||
5. Log of the script is keep under /var/log/fastnetmon-notify.log.
|
||||
|
||||
1. A10 Thunder TPS mitigator IP
|
||||
2. BGP Autonomous System Number
|
||||
3. Username and Password for your A10 Device. Note that you can use your own password vault or protection schema
|
||||
##Configuration Steps:
|
||||
|
||||
For more information about A10 Networks AXAPIv3:
|
||||
https://www.a10networks.com/resources/glossary/axapi-custom-management
|
||||
1. Configure the fastnetmon_a10_xx.py script as the executed script under /etc/fastnetmon.conf, i.e. notify_script_path=<path>/fastnetmon_a10_v0.2.py.
|
||||
2. Please note that we have various versions of ban actions depending on your topology, such as integration of aGalaxy.
|
||||
3. Alternatively place all files in a directory that is reachable by FastNetMon and indicate it as the executed script in /etc/fastnetmon.conf.
|
||||
4. Make sure both Python scripts are executable, i.e. "chmod +x a10.py fastnetmon_a10_v0.2.py"
|
||||
|
||||
##Please modify the following in the fastnetmon_a10_v[xx].py script
|
||||
|
||||
v0.2 - Jul 7th, 2016 - initial commit
|
||||
1. A10 Thunder TPS mitigator IP.
|
||||
2. Username and Password for your A10 Device. Please follow your own password vault or other security schema.
|
||||
|
||||
Author: Eric Chou ericc@a10networks.com, Rich Groves rgroves@a10networks.com
|
||||
|
||||
|
@ -40,18 +48,9 @@ Zone Name / Zone Service Info | [State]| Curr Conn| Conn Rate| Pkt
|
|||
Displayed Entries: 1
|
||||
Displayed Services: 0
|
||||
|
||||
TH4435-1#sh run router bgp
|
||||
!Section configuration: 221 bytes
|
||||
!
|
||||
router bgp 64513
|
||||
<skip>
|
||||
network 10.10.10.10/32
|
||||
<skip>
|
||||
!
|
||||
TH4435-1#
|
||||
TH4435-1#sh run router bgp | i 10.10.10.10
|
||||
network 10.10.10.10/32
|
||||
TH4435-1#
|
||||
|
||||
TH4435#sh ip bgp neighbors <upstream router IP> advertised-routes
|
||||
|
||||
```
|
||||
|
||||
- Unban action:
|
||||
|
@ -59,7 +58,7 @@ TH4435-1#
|
|||
a10-ubuntu3:~/fastnetmon/src/a10_plugin$ sudo python fastnetmon_a10_v0.2.py "10.10.10.10" "outgoing" "111111" "unban"
|
||||
|
||||
```
|
||||
TH4435-1#sh run router bgp | i 10.10.10.10
|
||||
TH4435-1#sh ip bgp neighbors <upstream router IP> advertised-routes
|
||||
TH4435-1#
|
||||
```
|
||||
|
||||
|
|
|
@ -0,0 +1,10 @@
|
|||
Change Logs:
|
||||
|
||||
[8/12/2016]
|
||||
- removed configs/dns_test_server.txt
|
||||
- added configs/tps_base_config_v1.txt and configs/tps_zone_config_v1.txt
|
||||
- modified README file to reflect the dependencies for items under configs/ folder.
|
||||
- created change_log.txt
|
||||
- modify json_configs/ddos_dst_zone.py to match json_configs/tps_zone_config_json_v1.txt
|
||||
- Took out BGP network advertisement, use 'bgp advertise' under dst zone instead
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
!
|
||||
ddos dst zone Test-Server
|
||||
ip 210.0.0.10
|
||||
operational-mode monitor
|
||||
port 53 udp
|
||||
level 0
|
||||
zone-escalation-score 1
|
||||
indicator pkt-rate
|
||||
score 50
|
||||
zone-threshold 1
|
||||
zone-violation-actions bmf_a10_script
|
||||
level 1
|
||||
!
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
ystem anomaly log
|
||||
system anomaly log
|
||||
system attack log
|
||||
system ddos-attack log
|
||||
!
|
||||
|
|
|
@ -1,94 +0,0 @@
|
|||
#!/usr/bin/python
|
||||
|
||||
#
|
||||
# v0.1 created [ban | unban] [on ramp | off ramp action] for A10 TPS
|
||||
# v0.2 offload URI path and json_body into separate json_config files
|
||||
# Eric Chou (ericc@a10networks.com)
|
||||
#
|
||||
|
||||
import sys
|
||||
from sys import stdin
|
||||
import optparse
|
||||
import logging, json
|
||||
from a10 import axapi_auth, axapi_action
|
||||
from json_config.logoff import logoff_path
|
||||
from json_config.write_memory import write_mem_path
|
||||
from json_config.ddos_dst_zone import ddos_dst_zone_path, ddos_dst_zone
|
||||
from json_config.bgp import bgp_advertisement_path, bgp_advertisement
|
||||
|
||||
LOG_FILE = "/var/log/fastnetmon-notify.log"
|
||||
|
||||
|
||||
logger = logging.getLogger("DaemonLog")
|
||||
logger.setLevel(logging.INFO)
|
||||
formatter = logging.Formatter("%(asctime)s - %(name)s - %(levelname)s - %(message)s")
|
||||
handler = logging.FileHandler(LOG_FILE)
|
||||
handler.setFormatter(formatter)
|
||||
logger.addHandler(handler)
|
||||
|
||||
|
||||
|
||||
client_ip_as_string=sys.argv[1]
|
||||
data_direction=sys.argv[2]
|
||||
pps_as_string=int(sys.argv[3])
|
||||
action=sys.argv[4]
|
||||
|
||||
logger.info(" - " . join(sys.argv))
|
||||
|
||||
|
||||
# A10 Mitigator Information
|
||||
mitigator_ip = "192.168.199.152"
|
||||
zone_name = client_ip_as_string + "_zone"
|
||||
ip_addr = client_ip_as_string
|
||||
asn="65003"
|
||||
mitigator_base_url, signature = axapi_auth(mitigator_ip, "admin", "a10")
|
||||
|
||||
|
||||
if action == "unban":
|
||||
try:
|
||||
r = axapi_action(mitigator_base_url+'/axapi/v3/router/bgp/'+asn+'/network/ip-cidr/172.31.201.2%2F32', method="DELETE", signature=signature)
|
||||
except Exception as e:
|
||||
logger.info("route not removed in unban, returned: " + str(e))
|
||||
|
||||
# Commit config
|
||||
axapi_action(mitigator_base_url+write_mem_path, signature=signature)
|
||||
# Logoff
|
||||
axapi_action(mitigator_base_url+logoff_path, signature=signature)
|
||||
|
||||
sys.exit(0)
|
||||
|
||||
elif action == "ban" or action == "attack_details":
|
||||
|
||||
r = axapi_action(mitigator_base_url+ddos_dst_zone_path, method='GET', signature=signature)
|
||||
if zone_name in [i['zone-name'] for i in json.loads(r)['zone-list']]:
|
||||
r = axapi_action(mitigator_base_url+ddos_dst_zone_path+zone_name, method="DELETE", signature=signature)
|
||||
logger.info(str(r))
|
||||
|
||||
# A10 Mitigation On Ramp
|
||||
zone_name = client_ip_as_string + "_zone"
|
||||
ip_addr = client_ip_as_string
|
||||
returned_body = ddos_dst_zone(zone_name, ip_addr)
|
||||
try:
|
||||
r = axapi_action(mitigator_base_url+ddos_dst_zone_path, signature=signature, payload=returned_body)
|
||||
except Exception as e:
|
||||
logger("zone not created: " + str(e))
|
||||
|
||||
route_advertisement = bgp_advertisement(ip_addr)
|
||||
try:
|
||||
r = axapi_action(mitigator_base_url+bgp_advertisement_path+asn, payload=route_advertisement, signature=signature)
|
||||
except Exception as e:
|
||||
logger("route not added: " + str(e))
|
||||
|
||||
# Commit changes
|
||||
axapi_action(mitigator_base_url+write_mem_path, signature=signature)
|
||||
# Log off
|
||||
axapi_action(mitigator_base_url+logoff_path, signature=signature)
|
||||
|
||||
sys.exit(0)
|
||||
|
||||
else:
|
||||
sys.exit(0)
|
||||
|
||||
|
||||
|
||||
|
|
@ -1,16 +0,0 @@
|
|||
bgp_advertisement_path = '/axapi/v3/router/bgp/'
|
||||
|
||||
def bgp_advertisement(ip_addr):
|
||||
route_advertisement = {
|
||||
"bgp":
|
||||
{
|
||||
"network": {
|
||||
"ip-cidr-list": [
|
||||
{
|
||||
"network-ipv4-cidr":ip_addr+"/32",
|
||||
}
|
||||
]
|
||||
},
|
||||
}
|
||||
}
|
||||
return route_advertisement
|
|
@ -1,44 +0,0 @@
|
|||
|
||||
ddos_dst_zone_path = '/axapi/v3/ddos/dst/zone/'
|
||||
|
||||
def ddos_dst_zone(zone_name, ip_addr):
|
||||
port_num = 53
|
||||
port_protocol = 'udp'
|
||||
ddos_dst_zone_payload = {
|
||||
"zone-list": [
|
||||
{
|
||||
"zone-name":zone_name,
|
||||
"ip": [
|
||||
{
|
||||
"ip-addr":ip_addr
|
||||
}
|
||||
],
|
||||
"operational-mode":"monitor",
|
||||
"port": {
|
||||
"zone-service-list": [
|
||||
{
|
||||
"port-num":port_num,
|
||||
"protocol":port_protocol,
|
||||
"level-list": [
|
||||
{
|
||||
"level-num":"0",
|
||||
"zone-escalation-score":1,
|
||||
"indicator-list": [
|
||||
{
|
||||
"type":"pkt-rate",
|
||||
"score":50,
|
||||
"zone-threshold-num":1,
|
||||
}
|
||||
],
|
||||
},
|
||||
{
|
||||
"level-num":"1",
|
||||
}
|
||||
],
|
||||
}
|
||||
],
|
||||
},
|
||||
}
|
||||
]
|
||||
}
|
||||
return ddos_dst_zone_payload
|
|
@ -1,3 +0,0 @@
|
|||
|
||||
logoff_path = '/axapi/v3/logoff'
|
||||
|
|
@ -1 +0,0 @@
|
|||
write_mem_path = '/axapi/v3/write/memory'
|
|
@ -6,7 +6,6 @@ a10-url:/axapi/v3/admin
|
|||
"uuid":"57937c0c-06cb-11e6-86f7-000c2998bd62",
|
||||
"password": {
|
||||
"encrypted-in-module":"sCyT4priW1OZSg3m1RiAf0bOyZ0Odnf1rQRp+BHohemGp1YhW+V1NjwQjLjV2wDn",
|
||||
"uuid":"57939002-06cb-11e6-86f7-000c2998bd62"
|
||||
}
|
||||
}
|
||||
]
|
||||
|
@ -16,7 +15,6 @@ a10-url:/axapi/v3/multi-config
|
|||
{
|
||||
"multi-config": {
|
||||
"enable":1,
|
||||
"uuid":"f092f0a8-f579-11e5-9035-000c29188423"
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -24,7 +22,6 @@ a10-url:/axapi/v3/monitor
|
|||
{
|
||||
"monitor": {
|
||||
"buffer-usage":91750,
|
||||
"uuid":"cb839304-7f58-11e5-9c10-000c2969ee03"
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -36,7 +33,6 @@ a10-url:/axapi/v3/system
|
|||
"attack-log":1,
|
||||
"ddos-attack":1,
|
||||
"ddos-log":1,
|
||||
"uuid":"cb839782-7f58-11e5-9c10-000c2969ee03"
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -46,7 +42,6 @@ a10-url:/axapi/v3/class-list
|
|||
{
|
||||
"name":"ddos-block",
|
||||
"file":1,
|
||||
"uuid":"e30f55c2-d17d-11e5-a0c9-370c07f071f0"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -55,7 +50,6 @@ a10-url:/axapi/v3/hostname
|
|||
{
|
||||
"hostname": {
|
||||
"value":"tps-fastnetmon",
|
||||
"uuid":"cb83a236-7f58-11e5-9c10-000c2969ee03"
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -69,7 +63,6 @@ a10-url:/axapi/v3/interface/management
|
|||
"default-gateway":"x.x.x.x"
|
||||
},
|
||||
"action":"enable",
|
||||
"uuid":"d0bdee32-7f58-11e5-8648-000c2969ee03"
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -80,16 +73,13 @@ a10-url:/axapi/v3/interface/ethernet
|
|||
"ifnum":1,
|
||||
"name":"Inbound",
|
||||
"action":"enable",
|
||||
"uuid":"cb83a4e8-7f58-11e5-9c10-000c2969ee03",
|
||||
"ddos": {
|
||||
"inside":1,
|
||||
"uuid":"2c639224-06cb-11e6-a5cd-000c2998bd62"
|
||||
}
|
||||
},
|
||||
{
|
||||
"ifnum":2,
|
||||
"name":"Outbound",
|
||||
"uuid":"cb83a5e2-7f58-11e5-9c10-000c2969ee03"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -101,19 +91,16 @@ a10-url:/axapi/v3/glid
|
|||
"name":"1",
|
||||
"description":"10gbps rate limiter",
|
||||
"bit-rate-limit":10000000,
|
||||
"uuid":"3b62871e-ff1c-11e5-92fe-000c29c261a5"
|
||||
},
|
||||
{
|
||||
"name":"2",
|
||||
"description":"1gbps rate limiter",
|
||||
"bit-rate-limit":1000000,
|
||||
"uuid":"f422ba0e-0641-11e6-88f9-000c29c261a5"
|
||||
},
|
||||
{
|
||||
"name":"3",
|
||||
"description":"100mbps rate limiter",
|
||||
"bit-rate-limit":100000,
|
||||
"uuid":"52f1d6ac-06cc-11e6-86f7-000c2998bd62"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -123,7 +110,6 @@ a10-url:/axapi/v3/ddos/protection
|
|||
"protection": {
|
||||
"toggle":"enable",
|
||||
"rate-interval":"1sec",
|
||||
"uuid":"cb83a6c8-7f58-11e5-9c10-000c2969ee03"
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -131,7 +117,6 @@ a10-url:/axapi/v3/ddos/resource-tracking/cpu
|
|||
{
|
||||
"cpu": {
|
||||
"enable":1,
|
||||
"uuid":"2f7a3198-cd14-11e5-abab-000c29d5128f"
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -142,7 +127,6 @@ a10-url:/axapi/v3/ddos/zone-template/logging
|
|||
"logging-tmpl-name":"cef-logger",
|
||||
"log-format-cef":1,
|
||||
"enable-action-logging":1,
|
||||
"uuid":"6573c09a-ff1c-11e5-92fe-000c29c261a5"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -157,7 +141,6 @@ a10-url:/axapi/v3/ddos/zone-template/tcp
|
|||
"syn-auth-pass-action":"authenticate-src",
|
||||
"syn-auth-fail-action":"drop"
|
||||
},
|
||||
"uuid":"3a627a92-06c7-11e6-a5cd-000c2998bd62"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -175,7 +158,6 @@ a10-url:/axapi/v3/ddos/zone-template/udp
|
|||
"known-resp-src-port":1,
|
||||
"known-resp-src-port-action":"drop"
|
||||
},
|
||||
"uuid":"41a32342-06c7-11e6-a5cd-000c2998bd62"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -185,11 +167,9 @@ a10-url:/axapi/v3/ddos/src/default
|
|||
"default-list": [
|
||||
{
|
||||
"default-address-type":"ip",
|
||||
"uuid":"88718bf0-d16c-11e5-a0c9-370c07f071f0"
|
||||
},
|
||||
{
|
||||
"default-address-type":"ipv6",
|
||||
"uuid":"c16cea34-d3d4-11e5-a730-000c29d5128f"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -198,7 +178,6 @@ a10-url:/axapi/v3/logging/syslog
|
|||
{
|
||||
"syslog": {
|
||||
"syslog-levelname":"information",
|
||||
"uuid":"cb8468f6-7f58-11e5-9c10-000c2969ee03"
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -207,7 +186,6 @@ a10-url:/axapi/v3/logging/host/ipv4addr
|
|||
"ipv4addr-list": [
|
||||
{
|
||||
"host-ipv4":"x.x.x.x",
|
||||
"uuid":"51393f4a-d31d-11e5-9967-000c29d5128f"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -221,7 +199,6 @@ a10-url:/axapi/v3/router/bgp
|
|||
"log-neighbor-changes":1,
|
||||
"router-id":"x.x.x.x"
|
||||
},
|
||||
"uuid":"775fd5a2-0690-11e6-a0e2-000c29c261a5",
|
||||
"neighbor": {
|
||||
"ipv4-neighbor-list": [
|
||||
{
|
||||
|
@ -234,7 +211,6 @@ a10-url:/axapi/v3/router/bgp
|
|||
"nbr-rmap-direction":"out"
|
||||
}
|
||||
],
|
||||
"uuid":"824b2b74-0690-11e6-a0e2-000c29c261a5"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -249,7 +225,6 @@ a10-url:/axapi/v3/route-map
|
|||
"tag":"ddos-advertise",
|
||||
"action":"permit",
|
||||
"sequence":1,
|
||||
"uuid":"57903fe2-06cb-11e6-86f7-000c2998bd62"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -259,7 +234,6 @@ a10-url:/axapi/v3/sflow/setting
|
|||
"setting": {
|
||||
"max-header":128,
|
||||
"packet-sampling-rate":1000,
|
||||
"uuid":"c36affaa-06ca-11e6-a5cd-000c2998bd62"
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -270,7 +244,6 @@ a10-url:/axapi/v3/sflow/collector/ip
|
|||
"addr":"x.x.x.x",
|
||||
"port":6343,
|
||||
"use-mgmt-port":1,
|
||||
"uuid":"ffd9531a-06ca-11e6-a5cd-000c2998bd62"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -279,7 +252,6 @@ a10-url:/axapi/v3/sflow/agent/address
|
|||
{
|
||||
"address": {
|
||||
"ip":"x.x.x.x",
|
||||
"uuid":"fa5b10ba-06c8-11e6-a5cd-000c2998bd62"
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -292,7 +264,6 @@ a10-url:/axapi/v3/sflow/sampling
|
|||
"eth-end":1
|
||||
}
|
||||
],
|
||||
"uuid":"c3714a04-06ca-11e6-a5cd-000c2998bd62"
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -301,35 +272,27 @@ a10-url:/axapi/v3/vcs-vblades/stat
|
|||
"stat-list": [
|
||||
{
|
||||
"vblade-id":1,
|
||||
"uuid":"55d1650a-06cb-11e6-a9b6-000c2998bd62"
|
||||
},
|
||||
{
|
||||
"vblade-id":2,
|
||||
"uuid":"55d16532-06cb-11e6-a9b6-000c2998bd62"
|
||||
},
|
||||
{
|
||||
"vblade-id":3,
|
||||
"uuid":"55d16564-06cb-11e6-a9b6-000c2998bd62"
|
||||
},
|
||||
{
|
||||
"vblade-id":4,
|
||||
"uuid":"55d1658c-06cb-11e6-a9b6-000c2998bd62"
|
||||
},
|
||||
{
|
||||
"vblade-id":5,
|
||||
"uuid":"55d165be-06cb-11e6-a9b6-000c2998bd62"
|
||||
},
|
||||
{
|
||||
"vblade-id":6,
|
||||
"uuid":"55d165e6-06cb-11e6-a9b6-000c2998bd62"
|
||||
},
|
||||
{
|
||||
"vblade-id":7,
|
||||
"uuid":"55d1660e-06cb-11e6-a9b6-000c2998bd62"
|
||||
},
|
||||
{
|
||||
"vblade-id":8,
|
||||
"uuid":"55d16636-06cb-11e6-a9b6-000c2998bd62"
|
||||
}
|
||||
]
|
||||
}
|
|
@ -15,18 +15,15 @@ a10-url:/axapi/v3/ddos/dst/zone
|
|||
},
|
||||
"log-enable":1,
|
||||
"log-periodic":1,
|
||||
"uuid":"2d503b52-06cf-11e6-86f7-000c2998bd62",
|
||||
"ip-proto": {
|
||||
"proto-tcp-udp-list": [
|
||||
{
|
||||
"protocol":"tcp",
|
||||
"drop-frag-pkt":1,
|
||||
"uuid":"2d6b9672-06cf-11e6-86f7-000c2998bd62"
|
||||
},
|
||||
{
|
||||
"protocol":"udp",
|
||||
"drop-frag-pkt":1,
|
||||
"uuid":"2d6be0d2-06cf-11e6-86f7-000c2998bd62"
|
||||
}
|
||||
],
|
||||
"proto-name-list": [
|
||||
|
@ -34,13 +31,11 @@ a10-url:/axapi/v3/ddos/dst/zone
|
|||
"protocol":"icmp-v4",
|
||||
"deny":1,
|
||||
"detection-enable":1,
|
||||
"uuid":"2d6c202e-06cf-11e6-86f7-000c2998bd62"
|
||||
},
|
||||
{
|
||||
"protocol":"icmp-v6",
|
||||
"deny":1,
|
||||
"detection-enable":1,
|
||||
"uuid":"2d6e1f0a-06cf-11e6-86f7-000c2998bd62"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -50,18 +45,15 @@ a10-url:/axapi/v3/ddos/dst/zone
|
|||
"port-other":"other",
|
||||
"protocol":"tcp",
|
||||
"detection-enable":1,
|
||||
"uuid":"2d6fe3f8-06cf-11e6-86f7-000c2998bd62",
|
||||
"level-list": [
|
||||
{
|
||||
"level-num":"0",
|
||||
"zone-escalation-score":10,
|
||||
"uuid":"2d717506-06cf-11e6-86f7-000c2998bd62",
|
||||
"indicator-list": [
|
||||
{
|
||||
"type":"pkt-rate",
|
||||
"score":20,
|
||||
"zone-threshold-num":1,
|
||||
"uuid":"2d72359a-06cf-11e6-86f7-000c2998bd62"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -70,7 +62,6 @@ a10-url:/axapi/v3/ddos/dst/zone
|
|||
"zone-template": {
|
||||
"tcp":"tcp-protect1"
|
||||
},
|
||||
"uuid":"2d72f9bc-06cf-11e6-86f7-000c2998bd62"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -78,18 +69,15 @@ a10-url:/axapi/v3/ddos/dst/zone
|
|||
"port-other":"other",
|
||||
"protocol":"udp",
|
||||
"detection-enable":1,
|
||||
"uuid":"2d73a7cc-06cf-11e6-86f7-000c2998bd62",
|
||||
"level-list": [
|
||||
{
|
||||
"level-num":"0",
|
||||
"zone-escalation-score":10,
|
||||
"uuid":"2d742dc8-06cf-11e6-86f7-000c2998bd62",
|
||||
"indicator-list": [
|
||||
{
|
||||
"type":"pkt-rate",
|
||||
"score":20,
|
||||
"zone-threshold-num":1,
|
||||
"uuid":"2d754f64-06cf-11e6-86f7-000c2998bd62"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -98,7 +86,6 @@ a10-url:/axapi/v3/ddos/dst/zone
|
|||
"zone-template": {
|
||||
"udp":"udp-protect1"
|
||||
},
|
||||
"uuid":"2d7646e4-06cf-11e6-86f7-000c2998bd62"
|
||||
}
|
||||
]
|
||||
}
|
Loading…
Reference in New Issue