InlineFirewallFloodProtectionProfile1

InlineFirewallFloodProtectionProfile1
InlineFirewallFloodProtectionProfile1
JSON Example
{
    "enable_rst_spoofing": false,
    "enable_syncache": false,
    "icmp_active_flow_limit": 0,
    "nat_active_conn_limit": 0,
    "other_active_conn_limit": 0,
    "tcp_half_open_conn_limit": 0,
    "udp_active_flow_limit": 0
}
boolean
enable_rst_spoofing
Optional

The flag to indicate RST spoofing is enabled or not. This option does not apply to EDGE components. This can be enabled only if syncache is enabled.

boolean
enable_syncache
Optional

The flag to indicate syncache is enabled or not. This option does not apply to EDGE components.

integer As int64 As int64
icmp_active_flow_limit
Optional
Constraints: minimum: 1 maximum: 1000000

The maximum limit of active icmp connections. If this property is omitted, or set to null, then there is no limit on active icmp connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (10,000) on the specific components.

integer As int64 As int64
nat_active_conn_limit
Optional
Constraints: minimum: 1 maximum: 4294967295 default: 4294967295

The maximum limit of active NAT connections. This limit only apply to EDGE components (such as, gateway). If this property is omitted, or set to null, then there is no limit on the specific component. Meanwhile there is an implicit limit which depends on the underlying hardware resource.

integer As int64 As int64
other_active_conn_limit
Optional
Constraints: minimum: 1 maximum: 1000000

The maximum limit of other active connections besides udp, icmp and half open tcp connections. If this property is omitted, or set to null, then there is no limit on other active connections besides udp, icmp and tcp half open connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (10,000) on the specific components.

integer As int64 As int64
tcp_half_open_conn_limit
Optional
Constraints: minimum: 1 maximum: 1000000

The maximum limit of tcp half open connections. If this property is omitted, or set to null, then there is no limit on active tcp half open connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (1,000,000) on the specific components.

integer As int64 As int64
udp_active_flow_limit
Optional
Constraints: minimum: 1 maximum: 1000000

The maximum limit of active udp connections. If this property is omitted, or set to null, then there is no limit on active udp connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (100,000) on the specific component.

Used By