All Products
Search

This Product

    Anti-DDoS:ConfigLayer4RulePolicy

    Document Center

    Anti-DDoS:ConfigLayer4RulePolicy

    Last Updated:Feb 25, 2026

    Configures the IP addresses of the primary and secondary origin servers for a port forwarding rule.

    Try it now

    Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

    Test

    RAM authorization

    No authorization for this operation. If you encounter issues with this operation, contact technical support.

    Request parameters

    Parameter

    Type

    Required

    Description

    Example
    Listeners

    string

    Yes

    The port forwarding rule that you want to manage.

    This parameter is a string that consists of JSON arrays. Each element in a JSON array indicates a port forwarding rule. You can perform this operation only on one port forwarding rule at a time.

    Note

    You can call the DescribeNetworkRules to query existing port forwarding rules.

    Each port forwarding rule contains the following fields:

    • InstanceId: the ID of the instance. This field is required and must be of the STRING type.

    • Protocol: the forwarding protocol. This field is required and must be of the STRING type. Valid values: tcp and udp.

    • FrontendPort: the forwarding port. This field is required and must be of the INTEGER type.

    • BackendPort: the port of the origin server. This field is required and must be of the INTEGER type.

    • PriRealServers: the IP addresses of the primary origin server. This field is required and must be a JSON array. Each element in a JSON array indicates an IP address of the primary origin server. You can configure a maximum of 20 IP addresses.

      Each element in the JSON array contains the following field:

      • RealServer: the IP address of the primary origin server. This field is required and must be of the STRING type.

    • SecRealServers: the IP addresses of the secondary origin server. This field is required and must be a JSON array. Each element in a JSON array indicates an IP address of the secondary origin server. You can configure a maximum of 20 IP addresses.

      Each element in the JSON array contains the following field:

      • RealServer: the IP address of the secondary origin server. This field is required and must be of the STRING type.

    • CurrentRsIndex: the origin server that you want to use to receive service traffic. This field is required and must be of the INTEGER type. Valid values:

      • 1: the primary origin server, which indicates that Anti-DDoS Pro or Anti-DDoS Premium forwards service traffic to the IP addresses of the primary origin server.

      • 2: the secondary origin server, which indicates that Anti-DDoS Pro or Anti-DDoS Premium forwards service traffic to the IP addresses of the secondary origin server.

    [{\"InstanceId\":\"ddosDip-sg-4hr2b3l****\",\"Protocol\":\"udp\",\"FrontendPort\":2020,\"BackendPort\":2022,\"PriRealServers\":[{\"RealServer\":\"192.0.2.1\"},{\"RealServer\":\"192.0.2.2\"}],\"SecRealServers\":[{\"RealServer\":\"192.0.2.3\"},{\"RealServer\":\"192.0.2.4\"}],\"CurrentRsIndex\":1}]

    All Alibaba Cloud API operations must include common request parameters. For more information about common request parameters, see Common parameters.

    For more information about sample requests, see the "Examples" section of this topic.

    Response elements

    Element

    Type

    Description

    Example

    object

    RequestId

    string

    The ID of the request.

    CC042262-15A3-4A49-ADF0-130968EA47BC

    Examples

    Success response

    JSON format

    {
  "RequestId": "CC042262-15A3-4A49-ADF0-130968EA47BC"
}

    Error codes

    See Error Codes for a complete list.

    Release notes

    See Release Notes for a complete list.