Data returned by Barad
Used by actions: DescribeBaradData.
Name | Type | Description |
---|---|---|
MetricName | String | Metric name (connum: number of active TCP connections; new_conn: number of new TCP connections; inactive_conn: number of inactive connections; intraffic: inbound traffic; outtraffic: outbound traffic; alltraffic: sum of inbound and outbound traffic; inpkg: inbound packet rate; outpkg: outbound packet rate;) |
Data | Array of Float | Value array |
Count | Integer | Value array size |
IP object bound to Anti-DDoS Pro
Used by actions: CreateBoundIP.
Name | Type | Required | Description |
---|---|---|---|
Ip | String | Yes | IP |
BizType | String | No | Bound product type. Valid values: [public (CVM), bm (BM), eni (ENI), vpngw (VPN Gateway), natgw (NAT Gateway), waf (WAF), fpc (finance product), gaap (GAAP), other (hosted IP)] |
DeviceType | String | No | Subtype under product type. Valid values: [cvm (CVM), lb (CLB), eni (ENI), vpngw (VPN), natgw (NAT), waf (WAF), fpc (finance), gaap (GAAP), other (hosted IP), eip (BM EIP)] |
InstanceId | String | No | Resource instance ID of IP. This field is required when binding a new IP. For example, if it is an ENI IP, enter ID(eni-*) of the ENI for InstanceId ; if it is a hosted IP without corresponding resource instance ID, enter "none"; |
CC alarm threshold
Used by actions: DescribeCCAlarmThreshold.
Name | Type | Description |
---|---|---|
AlarmThreshold | Integer | CC alarm threshold |
CC attack event record
Used by actions: DescribeCCEvList.
Name | Type | Description |
---|---|---|
Business | String | Anti-DDoS service type. bgpip : Anti-DDoS Advanced; bgp : Anti-DDoS Pro (Single IP); bgp-multip : Anti-DDoS Pro (Multi-IP); net : Anti-DDoS Ultimate; basic : Anti-DDoS Basic |
Id | String | Anti-DDoS instance ID |
Vip | String | Resource IP |
StartTime | Timestamp | Attack start time |
EndTime | Timestamp | Attack end time |
ReqQps | Integer | Total requests peak (QPS) |
DropQps | Integer | Attack peak (QPS) |
AttackStatus | Integer | Attack status. Valid values: [0 (ongoing), 1 (ended)] |
ResourceName | String | Resource name Note: this field may return null, indicating that no valid values can be obtained. |
DomainList | String | Domain name list Note: this field may return null, indicating that no valid values can be obtained. |
UriList | String | URI list Note: this field may return null, indicating that no valid values can be obtained. |
AttackipList | String | Attack source list Note: this field may return null, indicating that no valid values can be obtained. |
Access frequency control rule for CC protection
Used by actions: DescribeCCFrequencyRules.
Name | Type | Description |
---|---|---|
CCFrequencyRuleId | String | ID of the access frequency control rule for CC protection |
Uri | String | URI string, which must start with / , such as /abc/a.php . Length limit: 31. If URI is / , only prefix match can be selected as the matching mode; |
UserAgent | String | User-Agent string. Length limit: 80 |
Cookie | String | Cookie string. Length limit: 40 |
Mode | String | Matching rule. Valid values: ["include" (prefix match), "equal" (exact match)] |
Period | Integer | Reference period in seconds. Valid values: [10, 30, 60] |
ReqNumber | Integer | Number of access requests. Value range: [1-10000] |
Act | String | Action take. Valid values: ["alg" (CAPTCHA), "drop" (blocking)] |
ExeDuration | Integer | Execution duration in seconds. Valid range: [1-900] |
Custom CC protection rule
Used by actions: CreateCCSelfDefinePolicy, DescribeCCSelfDefinePolicy, ModifyCCSelfDefinePolicy.
Name | Type | Required | Description |
---|---|---|---|
Name | String | Yes | Policy name |
Smode | String | Yes | Matching mode. Valid values: [matching (matching mode), speedlimit (speed limiting mode)] |
SetId | String | No | Policy ID |
Frequency | Integer | No | Number of requests allowed per minute |
ExeMode | String | No | Executed policy mode. Valid values: [alg (verification code), drop (blocking)] |
Switch | Integer | No | Specifies whether the policy is activated |
CreateTime | String | No | Creation time |
RuleList | Array of CCRule | No | Rule list |
IpList | Array of String | No | IP list. If this field is to be left empty, please pass in an empty instead of null; |
Protocol | String | No | CC protection type. Valid values: [http, https] |
RuleId | String | No | ID of the forwarding rule corresponding to the HTTPS CC protection domain name |
Domain | String | No | HTTPS CC protection domain name |
The custom CC protection policy in key-value format
Used by actions: CreateCCSelfDefinePolicy, DescribeCCSelfDefinePolicy, ModifyCCSelfDefinePolicy.
Name | Type | Required | Description |
---|---|---|---|
Skey | String | Yes | Key of the policy. Valid values: host , cgi , ua , referer |
Operator | String | Yes | Rule condition. Valid values: include , not_include , equal |
Value | String | Yes | Value of the policy. Length limit: 31 bytes |
Custom layer-7 CC policy
Used by actions: CreateL7CCRule.
Name | Type | Required | Description |
---|---|---|---|
Period | Integer | Yes | Reference period in seconds. Valid values: [10, 30, 60] |
ReqNumber | Integer | Yes | Number of access requests. Value range: [1-10000] |
Action | String | Yes | Action take. Valid values: ["alg" (CAPTCHA), "drop" (blocking)] |
ExeDuration | Integer | Yes | Execution duration in seconds. Valid range: [1-900] |
DDoS alarm threshold
Used by actions: DescribeDDoSAlarmThreshold.
Name | Type | Description |
---|---|---|
AlarmType | Integer | Alarm threshold type. 1: inbound traffic, 2: cleansed traffic |
AlarmThreshold | Integer | Alarm threshold, which should be greater than 0 (currently scheduled value) |
Attack source information
Used by actions: DescribeDDoSAttackSource.
Name | Type | Description |
---|---|---|
SrcIp | String | Attack source IP |
Province | String | Province (valid for Mainland China) |
Nation | String | Country/region |
PacketSum | Integer | Total number of attack packets |
PacketLen | Integer | Total attack traffic |
DDoS attack event record
Used by actions: DescribeDDoSEvList, DescribeDDoSNetEvList.
Name | Type | Description |
---|---|---|
Business | String | Anti-DDoS service type. bgpip : Anti-DDoS Advanced; bgp : Anti-DDoS Pro (Single IP); bgp-multip : Anti-DDoS Pro (Multi-IP); net : Anti-DDoS Ultimate; basic : Anti-DDoS Basic |
Id | String | Anti-DDoS instance ID |
Vip | String | Resource IP |
StartTime | Timestamp | Attack start time |
EndTime | Timestamp | Attack end time |
Mbps | Integer | Maximum attack bandwidth |
Pps | Integer | Maximum attack packet rate |
AttackType | String | Attack type |
BlockFlag | Integer | Whether the IP is blocked. Valid values: [1 (yes), 0 (no), 2 (invalid value)] |
OverLoad | String | Whether the elastic protection bandwidth is exceeded. Valid values: [yes (yes), no (no), empty string (unknown value)] |
AttackStatus | Integer | Attack status. Valid values: [0 (ongoing), 1 (ended)] |
ResourceName | String | Resource name Note: this field may return null, indicating that no valid values can be obtained. |
EventId | String | Attack event ID Note: this field may return null, indicating that no valid values can be obtained. |
Disabled protocol in advanced DDoS policy
Used by actions: CreateDDoSPolicy, DescribeDDoSPolicy, ModifyDDoSPolicy.
Name | Type | Required | Description |
---|---|---|---|
DropTcp | Integer | Yes | Blocks all TCP traffic. Valid values: [0,1] |
DropUdp | Integer | Yes | Blocks all UDP traffic. Valid values: [0,1] |
DropIcmp | Integer | Yes | Blocks all ICMP traffic. Valid values: [0,1] |
DropOther | Integer | Yes | Blocks traffic of other protocols. Valid values: [0,1] |
DropAbroad | Integer | Yes | Rejects traffic from outside Mainland China. Valid values: [0,1] |
CheckSyncConn | Integer | Yes | Null session protection. Valid values: [0,1] |
SdNewLimit | Integer | No | New connection suppression based on source IP and destination IP. Value range: [0,4294967295] |
DstNewLimit | Integer | No | New connection suppression based on destination IP. Value range: [0,4294967295] |
SdConnLimit | Integer | No | Concurrent connection suppression based on source IP and destination IP. Value range: [0,4294967295] |
DstConnLimit | Integer | No | Concurrent connection suppression based on destination IP. Value range: [0,4294967295] |
BadConnThreshold | Integer | No | Threshold for triggering connection suppression. Value range: [0,4294967295] |
NullConnEnable | Integer | No | Exceptional connection detection condition: null session protection status. Valid values: [0,1] |
ConnTimeout | Integer | No | Exceptional connection detection condition: connection timeout. Valid values: [0,65535] |
SynRate | Integer | No | Exceptional connection detection condition: percentage of SYN out of ACK. Valid values: [0,100] |
SynLimit | Integer | No | Exceptional connection detection condition: SYN threshold. Valid values: [0,100] |
DTcpMbpsLimit | Integer | No | TCP speed limit. Value range: [0,4294967295] |
DUdpMbpsLimit | Integer | No | UDP speed limit. Value range: [0,4294967295] |
DIcmpMbpsLimit | Integer | No | ICMP speed limit. Value range: [0,4294967295] |
DOtherMbpsLimit | Integer | No | Other protocol speed limit. Value range: [0,4294967295] |
Packet filter in advanced DDoS policy
Used by actions: CreateDDoSPolicy, DescribeDDoSPolicy, ModifyDDoSPolicy.
Name | Type | Required | Description |
---|---|---|---|
Protocol | String | Yes | Protocol. Valid values: [tcp, udp, icmp, all] |
SportStart | Integer | Yes | Start source port. Value range: [0,65535] |
SportEnd | Integer | Yes | End source port. Value range: [0,65535] |
DportStart | Integer | Yes | Start destination port. Value range: [0,65535] |
DportEnd | Integer | Yes | End destination port. Value range: [0,65535] |
PktlenMin | Integer | Yes | Minimum packet length. Value range: [0,1500] |
PktlenMax | Integer | Yes | Maximum packet length. Value range: [0,1500] |
MatchBegin | String | Yes | Whether to detect the payload. Valid values: [ begin_l3 (IP header) begin_l4 (TCP header) begin_l5 (payload) no_match (no check) ] |
MatchType | String | Yes | Whether it is a regular expression. Valid values: [sunday (keyword), pcre (regular expression)] |
Str | String | Yes | Keyword or regular expression |
Depth | Integer | Yes | Detection depth. Value range: [0,1500] |
Offset | Integer | Yes | Detection offset. Value range: [0,1500] |
IsNot | Integer | Yes | Whether to include. Valid values: [0 (no), 1 (yes)] |
Action | String | Yes | Policy action. Valid values: [drop, drop_black, drop_rst, drop_black_rst, transmit] |
Disabled port in advanced DDoS policy
Used by actions: CreateDDoSPolicy, DescribeDDoSPolicy, ModifyDDoSPolicy.
Name | Type | Required | Description |
---|---|---|---|
Protocol | String | Yes | Protocol. Valid values: [tcp, udp, all] |
DPortStart | Integer | Yes | Start destination port. Value range: [0,65535] |
DPortEnd | Integer | Yes | End destination port, which must be greater than or equal to the start destination port. Value range: [0,65535] |
SPortStart | Integer | No | Start source port. Value range: [0,65535] Note: this field may return null, indicating that no valid values can be obtained. |
SPortEnd | Integer | No | End source port, which must be greater than or equal to the start source port. Value range: [0,65535] Note: this field may return null, indicating that no valid values can be obtained. |
Action | String | No | Action to be executed. Valid values: [drop (discard) , transmit (forward)] Note: this field may return null, indicating that no valid values can be obtained. |
Kind | Integer | No | Type of port to be disabled. Valid values: [0 (destination port range), 1 (source port range), 2 (destination port range and source port range)] Note: this field may return null, indicating that no valid values can be obtained. |
Advanced DDoS policy
Used by actions: DescribeDDoSPolicy.
Name | Type | Description |
---|---|---|
Resources | Array of ResourceIp | Resource bound to policy |
DropOptions | DDoSPolicyDropOption | Disabled protocol |
PortLimits | Array of DDoSPolicyPortLimit | Disabled port |
PacketFilters | Array of DDoSPolicyPacketFilter | Packet filter |
IpBlackWhiteLists | Array of IpBlackWhite | IP blocklist/allowlist |
PolicyId | String | Policy ID |
PolicyName | String | Policy name |
CreateTime | String | Policy creation time |
WaterPrint | Array of WaterPrintPolicy | Watermarking policy parameter. There can be only one policy. If there are no policies, the array is empty |
WaterKey | Array of WaterPrintKey | Watermark key. There can be up to two keys. If there are no policies, the array is empty |
BoundResources | Array of String | Resource instance bound to policy Note: this field may return null, indicating that no valid values can be obtained. |
SceneId | String | Policy scenario Note: this field may return null, indicating that no valid values can be obtained. |
IP blocklist/allowlist
Used by actions: CreateDDoSPolicy, DescribeDDoSPolicy, ModifyDDoSPolicy.
Name | Type | Required | Description |
---|---|---|---|
Ip | String | Yes | IP address |
Type | String | Yes | Blocklist/allowlist type. Valid values: [black, white] |
IP blocking record
Used by actions: DescribeIpBlockList.
Name | Type | Description |
---|---|---|
Ip | String | IP |
Status | String | Status (Blocked: blocked, UnBlocking: unblocking, UnBlockFailed: unblocking failed) |
BlockTime | Timestamp | Blocked time |
UnBlockTime | Timestamp | Unblocked time (estimated) |
ActionType | String | Type of the unblocking action (user : self-service unblocking, auto : automatic unblocking, update : unblocking by service upgrading, bind : unblocking by binding Anti-DDoS Pro instance) |
IP unblocking record
Used by actions: DescribeIpUnBlockList.
Name | Type | Description |
---|---|---|
Ip | String | IP |
BlockTime | Timestamp | Blocked time |
UnBlockTime | Timestamp | Unblocked time (actua |