Armor configuration templates

ip

"1.2.3.4"

The net ID part of the subnet (first IP)

prefix

32

The CIDR part of the subnet

description

"Client gameserver"

An optional description text

tenant-id

42

The client's tenant ID

enabled

true

Enables the armor (i.e. routes traffic through Warden)

prevention-mode

true

Allows Warden to actually drop packets

ports

["1024-2048", "4096"]

A list of ports/port ranges to allow through Warden

protocol

udp

Defines the armor as a TCP/UDP armor

tcp-established

false

Allow the protected IP to initiate connections to the Internet

tcp-gl-pps

50000

Sets the limit (in PPS) for greylisted (non-whitelisted) TCP traffic

udp-gl-pps

0

Sets the limit (in PPS) for greylisted (non-whitelisted) UDP traffic

dpi-profile

""

(UDP only) sets a bytematching profile

reject-src-port-1024

true

Rejects packets if the source port is less than 1024

ip

"1.2.3.4"

The net ID part of the subnet (first IP)

prefix

32

The CIDR part of the subnet

description

"Client web server"

An optional description text

tenant-id

42

The client's tenant ID

enabled

true

Enables the armor (i.e. routes traffic through Warden)

prevention-mode

true

Allows Warden to actually drop packets

ports

["80", "443"]

A list of ports/port ranges to allow through Warden

protocol

tcp

Defines the armor as a TCP/UDP armor

tcp-established

true

Allow the protected IP to initiate connections to the Internet

tcp-gl-pps

0

Sets the limit (in PPS) for greylisted (non-whitelisted) TCP traffic

udp-gl-pps

75000

Sets the limit (in PPS) for greylisted (non-whitelisted) UDP traffic

dpi-profile

""

(UDP only) sets a bytematching profile

reject-src-port-1024

true

Rejects packets if the source port is less than 1024