The functionality that make up this service and the functions that can be called.

List DDoS attack history for a user.

Function: GetAllDDoSHistory (parameter1,parameter2)

Input Parameter	Type	Description
UserApiKey	String	User with permissions to call this web service.
UserApiPassword	String	User’s password of the user used in UserApiKey parameter.

Returns: DDoSHistoryListWithHistoryInfoResult

Field	Type	Description
Message	String	A text message explaining the results of the operation, including the reason for any failures.
Result	Boolean	Returns true if the function call was successful.
Result_Code	Int32	A result code, which differs by function.
DDoSHistoryList	DDoSHistory_List[]	A list of all DDoS attack history, as defined in the DDoS_History class.

Get DDoS attack details for an attack id.

Function: GetDDoSHistoryDetail (parameter1, parameter2, parameter3)

Input Parameter	Type	Description
UserApiKey	String	User with permissions to call this web service.
UserApiPassword	String	User’s password of the user used in UserApiKey parameter.
Attack_ID	String	The DDoS attack id.

Returns: DDosDetailsInfoResult

Field	Type	Description
Message	String	A text message explaining the results of the operation, including the reason for any failures.
Result	Boolean	Returns true if the function call was successful.
Result_Code	Int32	A result code, which differs by function.
DDoSDetails	DDoS_Details	Details of the DDoS attack, as defined in the DDoS_Details class.

Delete(reset) DDoS settings for an IP address.

Function: DeleteDDoSSettings (parameter1, parameter2, parameter3)

Input Parameter	Type	Description
UserApiKey	String	User with permissions to call this web service.
UserApiPassword	String	User’s password of the user used in UserApiKey parameter.
IP_Address	String	The IP Address.

Returns: DDoSInfoResult

Field	Type	Description
Message	String	A text message explaining the results of the operation, including the reason for any failures.
Result	Boolean	Returns true if the function call was successful.
Result_Code	Int32	A result code, which differs by function.

Get DDoS settings for an IP address.

Function: GetDDoSSettings (parameter1, parameter2, parameter3)

Input Parameter	Type	Description
UserApiKey	String	User with permissions to call this web service.
UserApiPassword	String	User’s password of the user used in UserApiKey parameter.
IP_Address	String	The IP Address.

Returns: DDoSSettingsInfoResult

Field	Type	Description
Message	String	A text message explaining the results of the operation, including the reason for any failures.
Result	Boolean	Returns true if the function call was successful.
Result_Code	Int32	A result code, which differs by function.
DDoSGetSettings	DDoS_Get_Settings	The DDoS settings, as defined in the DDoS_Get_Settings class.

Set(update) DDoS settings for an IP address.

Function: SetDDoSSettings (parameter1, parameter2, parameter3, parameter4)

Input Parameter	Type	Description
UserApiKey	String	User with permissions to call this web service.
UserApiPassword	String	User’s password of the user used in UserApiKey parameter.
IP_Address	String	The IP Address.
DDoS_Update_Settings	DDoS_Update_Settings	The DDoS settings to set(update), as defined in the DDoS_Update_Settings class.

Returns: DDoSInfoResult

Field	Type	Description
Message	String	A text message explaining the results of the operation, including the reason for any failures.
Result	Boolean	Returns true if the function call was successful.
Result_Code	Int32	A result code, which differs by function.

Object - DDoS_History

Field	Type	Description
Attack_Id	String	The attack id.
Target_IP	String	The IP address targeted.
Attack_Size	String	The attack size.
Date_Started	String	The date the attack started.

Object - DDoS_Details

Field	Type	Description
Date_Started	String	The date the attack started.
Date_Ended	String	The date the attack ended.
Target_IP	String	The IP address targeted.
Peak_PPS	String	The peak PPS.
Peak_BPS	String	The peak BPS.
DDoS_SampleFlows	String	A delimited string of sample flows, as defined as follows (There can be 1 sample flow or many): A 1 character delimiter \| that denotes the beginning of the sample flow. A 1 character delimiter ^ denoting the beginning of the sample flow field. The source port. A 1 character delimiter ^ denoting the beginning of the sample flow field. The time received. A 1 character delimiter ^ denoting the beginning of the sample flow field. The source IP address. A 1 character delimiter ^ denoting the beginning of the sample flow field. The destination port. A 1 character delimiter ^ denoting the beginning of the sample flow field. The protocol. A 1 character delimiter ^ denoting the beginning of the sample flow field. The packet count. A 1 character delimiter ^ denoting the beginning of the sample flow field. The byte count A 1 character delimiter ^ denoting the beginning of the sample flow field. The destination IP address. For example - a 2 sample flow string: \|^8^1/13/20154:13:34PM^34.228.60.168^0^1^32768^1572892^101.51.61.108\|^8^5/10/2015 8:05:00AM^34.100.20.128^0^1^32457^1545890^100.51.90.108

Object - DDoS_Get_Settings

Field	Type	Description
UDP_Total_MBPS_Limits	String	Minimum amount of UDP traffic that needs to be received per second before a DDOS attack is detected. If you’re running a UDP-heavy application, this value would need to be increased (for example, a heavily used VPN server can hit this level easily).
ICMP_Total_PPS_Limit	String	Minimum number of ICMP packets received each second before DDOS filtering is triggered. We do not recommend this limit be set any lower than 10,000.
IP_WhiteList	String[]	A list of IP subnets, as defined in the IP_Whitelist class. List of IP subnets that will be completely ignored for any DDOS filtering purposes. These subnets will also be whitelisted from any mitigation rules. The largest subnet permitted is a /12 (contact us if you need to add a larger subnet).
UDP_Source_Port_Whitelist	String[]	A list of UDP source ports, as defined in the UDP_Source_PortWhitelist class. List of UDP source ports that will be completely ignored for DDOS filtering purposes. These would also be whitelisted from any mitigation rules. Be careful if you add port 53 here, as it would make you vulnerable to any DNS reflection attacks that may come your way.
Mitigation_Enabled	String	True or False. Tracking of incoming DDOS attacks is done no matter what, but this would allow you to prevent any sort of mitigation from being done.
Mitigation_Threshold_MBPS	String	Minimum size the attack must be before mitigation is started.
Mitigation_Max_MBPS	String	The maximum size an attack can be. Any attacks that exceed this size would be null routed. Note that this value is capped to the limit of your subscription.
Mitigation_UDP_Max_MBPS	String	During mitigation of UDP attacks, any host or source port sending then this amount of data would be blocked. You may need to raise this if you regularly receive large UDP streams.
Mitigation_Filtering_Minutes	String	How long should DDOS mitigation continue, after the attack size drops below the minimum thresholds. This value must be between 2 and 60 minutes.
Mitigation_Block_All_UDP	String	True or False. If enabled, all inbound UDP traffic (excluding traffic from whitelisted IPs or ports) will be dropped. This is particularly useful if you are not hosting any UDP based services.
Unmitigated_Max_MBPS	String	If mitigation is not enabled for an IP, any attack size larger then this would result in a null route. This value cannot exceed 9000 Mbps.
TCP_Total_MBPS_limit	String	Minimum amount of inbound TCP traffic that needs to be received per second before a DDOS attack is detected.
TCP_Perip_Min_Sources	String	When detecting attacks based on tcp_total_mbps_limit, an attack would only be detected if it were coming from this many unique sources (ip + port combo). Setting this too low will result in normal traffic (like a large download) being detected as an attack.
IP_Total_PPS_Limit	String	Any traffic for IP protocols other than TCP/UDP/ICMP above this limit will be considered an attack (this is total traffic for all unknown protocols, not per-protocol).
IP_Total_MBPS_Limit	String	Any traffic for IP protocols other than TCP/UDP/ICMP above this limit will be considered an attack (this is total traffic for all unknown protocols, not per-protocol).
UDP_Dest_Port_Whitelist	String[]	A list of UDP destination ports, as defined in the UDP_Dest_Port_Whitelist class. List of UDP destination ports that will be ignored for DDOS filtering purposes. This means that we will never outright block traffic destined to these ports. Traffic may still be blocked by other rules (such as UDP source ports).
TCP_Source_Port_Whitelist	String[]	A list of TCP source ports, as defined in the TCP_Source_Port_Whitelist class. List of TCP source ports that will be completely ignored for DDOS filtering purposes.
TCP_Dest_Port_Whitelist	String[]	A list of TCP destination ports, as defined in the TCP_Dest_Port_Whitelist class. List of TCP destination ports that will be ignored for DDOS filtering purposes. This means that we will never outright block traffic destined to these ports. Traffic may still be blocked by other rules (such as TCP source ports).
Mitigation_TCP_Max_MBPS	String	During mitigation of TCP attacks, any host or source port sending more than this amount of data would be blocked.
Mitigation_UDP_Total_Max_MBPS	String	During mitigation of UDP attacks, if a host is receiving more UDP traffic then this (and it can't be filtered any other way), all UDP traffic would be dropped (except for any whitelisted ports).
Nullroute_Only_Externally	String	True or False. Only apply the null route externally. This means that only traffic coming in via a transit provider / peering would be null routed. Traffic within a location should remain normal. This is only supported in New Jersey right now.

Object - DDoS_Update_Settings

Field	Type	Description
UDP_Total_MBPS_Limits	String	Required. If left empty, the field will be set to empty. Minimum amount of UDP traffic that needs to be received per second before a DDOS attack is detected. If you’re running a UDP-heavy application, this value would need to be increased (for example, a heavily used VPN server can hit this level easily).
ICMP_Total_PPS_Limit	String	Required. If left empty, the field will be set to empty. Minimum number of ICMP packets received each second before DDOS filtering is triggered. We do not recommend this limit be set any lower than 10,000.
IP_WhiteList_Add	String[]	Optional. A list of IP subnets that will be added, as defined in the IP_Whitelist class. List of IP subnets that will be completely ignored for any DDOS filtering purposes. These subnets will also be whitelisted from any mitigation rules. The largest subnet permitted is a /12 (contact us if you need to add a larger subnet).
IP_WhiteList_Remove	String[]	Optional. A list of IP subnets that will be removed, as defined in the IP_Whitelist class. List of IP subnets that will be completely ignored for any DDOS filtering purposes. These subnets will also be whitelisted from any mitigation rules. The largest subnet permitted is a /12 (contact us if you need to add a larger subnet).
UDP_Source_Port_Whitelist_Add	String[]	Optional. A list if of UDP source ports that will be added, as defined defined in the UDP_Source_Port_Whitelist class. List of UDP source ports that will be completely ignored for DDOS filtering purposes. These would also be whitelisted from any mitigation rules. Be careful if you add port 53 here, as it would make you vulnerable to any DNS reflection attacks that may come your way.
UDP_Source_Port_Whitelist_ Remove	String[]	Optional. A list if of UDP source ports that will be removed, as defined defined in the UDP_Source_Port_Whitelist class. List of UDP source ports that will be completely ignored for DDOS filtering purposes. These would also be whitelisted from any mitigation rules. Be careful if you add port 53 here, as it would make you vulnerable to any DNS reflection attacks that may come your way.
Mitigation_Enabled	String	Required. True or False. Tracking of incoming DDOS attacks is done no matter what, but this would allow you to prevent any sort of mitigation from being done.
Mitigation_Threshold_MBPS	String	Required. If left empty, the field will be set to empty. Minimum size the attack must be before mitigation is started.
Mitigation_UDP_Max_MBPS	String	Required. If left empty, the field will be set to empty. During mitigation of UDP attacks, any host or source port sending then this amount of data would be blocked. You may need to raise this if you regularly receive large UDP streams.
Mitigation_Filtering_Minutes	String	Required. If left empty, the field will be set to empty. How long should DDOS mitigation continue, after the attack size drops below the minimum thresholds. This value must be between 2 and 60 minutes.
Mitigation_Block_All_UDP	String	Required. True or False. If enabled, all inbound UDP traffic (excluding traffic from whitelisted IPs or ports) will be dropped. This is particularly useful if you are not hosting any UDP based services.
TCP_Total_MBPS_Limit	String	Required. If left empty, the field will be set to empty. Minimum amount of inbound TCP traffic that needs to be received per second before a DDOS attack is detected.
TCP_Perip_Min_Sources	String	Required. If left empty, the field will be set to empty. When detecting attacks based on tcp_total_mbps_limit, an attack would only be detected if it were coming from this many unique sources (ip + port combo). Setting this too low will result in normal traffic (like a large download) being detected as an attack.
IP_Total_PPS_Limit	String	Required. If left empty, the field will be set to empty. Any traffic for IP protocols other than TCP/UDP/ICMP above this limit will be considered an attack (this is total traffic for all unknown protocols, not per-protocol).
IP_Total_MBPS_Limit	String	Required. If left empty, the field will be set to empty. Any traffic for IP protocols other than TCP/UDP/ICMP above this limit will be considered an attack (this is total traffic for all unknown protocols, not per-protocol).
UDP_Dest_Port_Whitelist_Add	String[]	Optional. A list of UDP dest ports that will be added, as defined in the UDP_Dest_Port_Whitelist class. List of UDP destination ports that will be ignored for DDOS filtering purposes. This means that we will never outright block traffic destined to these ports. Traffic may still be blocked by other rules (such as UDP source ports).
UDP_Dest_Port_Whitelist_Remove	String[]	Optional. A list of UDP destination ports that will be removed, as defined in the UDP_Dest_Port_Whitelist class. List of UDP destination ports that will be ignored for DDOS filtering purposes. This means that we will never outright block traffic destined to these ports. Traffic may still be blocked by other rules (such as UDP source ports).
TCP_Source_Port_Whitelist_Add	String[]	Optional. A list of TCP source ports that will be added, as defined in the TCP_Source_Port_Whitelist class. List of TCP source ports that will be completely ignored for DDOS filtering purposes.
TCP_Source_Port_Whitelist_Remove	String[]	Optional. A list of TCP source ports that will be removed, as defined in the TCP_Source_Port_Whitelist class. List of TCP source ports that will be completely ignored for DDOS filtering purposes.
TCP_Dest_Port_Whitelist_Add	String[]	Optional. A list of TCP destination ports that will be added, as defined in the TCP_Dest_Port_Whitelist class. List of TCP destination ports that will be ignored for DDOS filtering purposes. This means that we will never outright block traffic destined to these ports. Traffic may still be blocked by other rules (such as TCP source ports).
TCP_Dest_Port_Whitelist_Remove	String[]	Optional. A list of TCP destination ports that will be removed, as defined in the TCP_Dest_Port_Whitelist class. List of TCP destination ports that will be ignored for DDOS filtering purposes. This means that we will never outright block traffic destined to these ports. Traffic may still be blocked by other rules (such as TCP source ports).
Mitigation_TCP_Max_MBPS	String	Required. If left empty, the field will be set to empty. During mitigation of TCP attacks, any host or source port sending more than this amount of data would be blocked.
Mitigation_UDP_Total_Max_MBPS	String	Required. If left empty, the field will be set to empty. During mitigation of UDP attacks, if a host is receiving more UDP traffic then this (and it can't be filtered any other way), all UDP traffic would be dropped (except for any whitelisted ports).

Object - IP_Whitelist

Field	Type	Description
IP_Subnet	String	An IP subnet in the format: #.#.#.#/#

Object - UDP_Source_Port_Whitelist

Field	Type	Description
UDP_Source_Port	String	A UDP source port in the format: #

Object - UDP_Dest_Port_Whitelist

Field	Type	Description
UDP_Dest_Port	String	A UDP destination port in the format: #

Object - TCP_Source_Port_Whitelist

Field	Type	Description
TCP_Source_Port	String	A TCP source port in the format: #

Object - TCP_Dest_Port_Whitelist

Field	Type	Description
TCP_Dest_Port	String	A TCP destination port in the format: #

Article ID: 228, Created: July 16, 2015 at 2:18 PM, Modified: August 9, 2016 at 2:52 PM

Service - DDoS Management

Add Feedback

Was this article helpful?

Share this article