Hi all, I’m working with axAPIv3 and PowerShell. I just recently wrote some functions to invoke API calls and I’m having a hard time wrapping my head around creating a ‘ddos dst entry’ and/or ‘ddos dst zone’ configuration. In the axAPIv3 Documentation for ‘ddos dst entry’, it provides a schema which has a ton of information, but when I perform a GET call on an existing entry, it’s completely different. For example, let’s take the CLI route:
show run ddos dst entry TEST_1.2.3.4
!Section configuration: 245 bytes
!
ddos dst entry TEST_1.2.3.4 1.2.3.4
description TEST.domain.com
log-enable
l4-type tcp
glid 100
syn-auth disable
l4-type udp
glid 100
drop-frag-pkt
port 443 ssl-l4
glid 10
port 1001 udp
glid 10
!
When I do a GET on ‘/axapi/v3/ddos/dst/entry/TEST_1.2.3.4’ it looks nothing like ddos-dst-entry.txt from the docs schema file:
{
"entry": {
"dst-entry-name":"TEST_1.2.3.4",
"ip-addr":"1.2.3.4",
"description":"TEST.domain.com",
"exceed-log-cfg": {
"log-enable":1,
"log-with-sflow":0,
"log-high-frequency":0
},
"log-periodic":0,
"drop-frag-pkt":0,
"sflow": {
"polling": {
"sflow-packets":0,
"sflow-layer-4":0,
"sflow-tcp": {
"sflow-tcp-basic":0,
"sflow-tcp-stateful":0
},
"sflow-http":0,
"sflow-undef-port-hit-stats":0,
"sflow-undef-port-hit-stats-brief":0
}
},
"drop-on-no-src-dst-default":0,
"drop-disable":0,
"operational-mode":"protection",
"reporting-disabled":0,
"advertised-enable":0,
"uuid":"61df793c-e3ae-11e8-aefa-ffe0862d8a42",
"l4-type-list": [
{
"protocol":"tcp",
"glid":"100",
"deny":0,
"syn-auth":"disable",
"syn-cookie":0,
"tcp-reset-client":0,
"tcp-reset-server":0,
"drop-on-no-port-match":"enable",
"drop-frag-pkt":0,
"undefined-port-hit-statistics": {
"undefined-port-hit-statistics":0
},
"uuid":"681ff218-e3ae-11e8-aefa-ffe0862d8a42",
"port-ind": {
"uuid":"682011da-e3ae-11e8-aefa-ffe0862d8a42",
"a10-url":"/axapi/v3/ddos/dst/entry/TEST_1.2.3.4/l4-type/tcp/port-ind"
},
"a10-url":"/axapi/v3/ddos/dst/entry/TEST_1.2.3.4/l4-type/tcp"
},
{
"protocol":"udp",
"glid":"100",
"deny":0,
"drop-on-no-port-match":"enable",
"stateful":0,
"drop-frag-pkt":1,
"undefined-port-hit-statistics": {
"undefined-port-hit-statistics":0
},
"uuid":"97fdf1c4-e3ae-11e8-aefa-ffe0862d8a42",
"port-ind": {
"uuid":"97fe10d2-e3ae-11e8-aefa-ffe0862d8a42",
"a10-url":"/axapi/v3/ddos/dst/entry/TEST_1.2.3.4/l4-type/udp/port-ind"
},
"a10-url":"/axapi/v3/ddos/dst/entry/TEST_1.2.3.4/l4-type/udp"
}
],
"port-list": [
{
"port-num":443,
"protocol":"ssl-l4",
"detection-enable":0,
"enable-top-k":0,
"deny":0,
"glid":"10",
"sflow": {
"polling": {
"sflow-packets":0,
"sflow-tcp": {
"sflow-tcp-basic":0,
"sflow-tcp-stateful":0
},
"sflow-http":0
}
},
"uuid":"a64159a6-e3ae-11e8-aefa-ffe0862d8a42",
"port-ind": {
"uuid":"a6436f98-e3ae-11e8-aefa-ffe0862d8a42",
"a10-url":"/axapi/v3/ddos/dst/entry/TEST_1.2.3.4/port/443+ssl-l4/port-ind"
},
"a10-url":"/axapi/v3/ddos/dst/entry/TEST_1.2.3.4/port/443+ssl-l4"
},
{
"port-num":1001,
"protocol":"udp",
"detection-enable":0,
"enable-top-k":0,
"deny":0,
"glid":"10",
"sflow": {
"polling": {
"sflow-packets":0
}
},
"uuid":"ca648fce-e3ae-11e8-aefa-ffe0862d8a42",
"port-ind": {
"uuid":"ca64b152-e3ae-11e8-aefa-ffe0862d8a42",
"a10-url":"/axapi/v3/ddos/dst/entry/TEST_1.2.3.4/port/1001+udp/port-ind"
},
"a10-url":"/axapi/v3/ddos/dst/entry/TEST_1.2.3.4/port/1001+udp"
}
],
"a10-url":"/axapi/v3/ddos/dst/entry/TEST_1.2.3.4"
}
}
So, I’m hoping someone could walk me through how to form the appropriate JSON object for creating, updating, and validating an entry. Any assistance is greatly appreciated. Is there a better reference document for axAPI and TPS devices? What would be the bare minimum I would need to include in the JSON object given my CLI example above?