policy
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
725
Alcatel-Lucent
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Command Reference Guide
To Create a DoS Rule Inside a Firewall Policy
[<1-65535>] match [any|all] <match-list name>... attack
<name> {drop|reset} [time-range <name>]
This command is entered in the Firewall Policy Configuration Mode. This
command is used to attach an attack object to a firewall policy, and configure rules
(set priority for the rule, associate match-lists and action) for a firewall policy, and
also set the action drop or reset for the configured rules.
In the following example, the attack object atk is configured to drop all the attacks:
ALU(config-firewall-P1)# match m1 attack atk drop
In the following example, the attack object atk is configured to drop all the attacks
and send acknowledgement such as an error report.
ALU(config-firewall-P1)# match m1 attack atk reset
Parameter Description
1-65535 Denotes the firewall policy rule number.
The range for the filter rule.
match [any|all] <match-list
name>
match all - In this type of match, the
relevant action is performed only when
all the match-list criteria is satisfied.
match any - In this type of match, the
relevant action is performed even if any
one of the match-list criterion is satisfied.
attack <name> Name of the attack.
drop The keyword “drop” drops the packets.
reset The keyword "reset" drops the packets
and sends a reset message to the
sender.
time-range <name> The name of the time range.
To Next Page
Loading...
