All scripts
isp
Expert
2–5 min
T-ISP-022 · DDoS / FlowSpec Mitigation Trigger
Translate a validated DDoS-mitigation intent into BGP FlowSpec rules (match 5-tuple, action rate-limit/discard/redirect) with destination-scope guardrails and TTL-based auto-withdraw logging.
Cisco IOS-XR
Juniper Junos
Arista EOS
You're viewing a preview
The full script, parameters, and execution console are available with a free account.
Already have access? Sign in →
Capabilities
- 5-tuple FlowSpec match
- Rate-limit/discard/redirect
- Protected-scope guardrail
- TTL auto-withdraw log
- Dry-run by default
- Audit trail
Required inputs
Parameters the script accepts. Defaults shown; some are vendor- or context-gated.
| Parameter | Type | Default | Notes |
|---|---|---|---|
Action (rate-limit|discard|redirect) action | string | rate-limit | — |
Auto-withdraw TTL (min) ttl_min | number | 30 | — |
Sample inventory schema
Authoritative shape of the device/policy data this script consumes.
No bundled inventory sample. The script accepts standard device lists (CSV/YAML) with hostname, mgmt IP, vendor, and credentials.
Expected output
Reference terminal output the script should produce — used as a stylistic and structural target.
terminal
2026-06-15 15:00:00 INFO FlowSpec intent: dst 198.51.100.10/32 udp/53 -> rate-limit 2026-06-15 15:00:00 INFO Guardrail OK: target within customer-owned space 2026-06-15 15:00:00 INFO Rule rendered; auto-withdraw at 2026-06-15 15:30:00 2026-06-15 15:00:00 INFO Use --apply to inject