Filter and Firewall
Left running head:
Chapter name (automatic)
722
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Command Reference Guide
Alcatel-Lucent
IP-ZERO-LENGTH
ip-zero-length
DESCRIPTION
This command is entered in the Firewall-Attack Sub Configuration Mode.
This attack is caused when the first fragment in the list is of 0-length. This sends a
series of IP fragments such that a 0 length fragment is first in the fragment list.
This makes it impossible for the kernel to deallocate the destination entry and
remove it from the cache. This leads to a system crash. This attack is prevented
by use of the above command.
PARAMETERS
None.
EXAMPLE
ALU(config-firewall-attack-A1)# ip-zero-length
NO ALL
no all
This command is entered in the Firewall-Attack Sub Configuration Mode. The ‘no’
command disables all the attacks configured for an attack object.
NO ATTACK
no attack <name>
This command is entered in the Firewall Configuration Mode. This deletes the
specified DoS attack object and its configuration.You cannot delete an attack
object if it is being used by a firewall policy.
NO ATTACK NAME FORCE
no attack <name> [force]
This command is entered in the Configuration Mode. This deletes a specified DoS
attack object from the global level.
Also, when "force" command is used to delete an attack object, the attack gets
removed from any firewall policy it is attached to.
To Next Page
Loading...
Need help?
General
