Filter and Firewall
Left running head:
Chapter name (automatic)
754
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Configuration Guide
Alcatel-Lucent
T
O CONFIGURE ALL ATTACKS FOR AN ATTACK OBJECT (INCLUDING DEFAULT / OPTIONAL)
E
XAMPLE
ALU(config-firewall-attack-A1)# all
ALU(config-firewall-attack-A1)# no all
The following are the Optional attacks that are not present in the default
attack prevention list of the OmniAccess 5740 USG:
icmp_router_advertisement
icmp_redirect
ip_spoofing
icmp_block_trace_route
ip_source_routing
udp_snork_attack
T
O CONFIGURE INDIVIDUAL ATTACK FOR AN ATTACK OBJECT
The following command enables you to configure attacks (both Default - stateful
and stateless and Optional attacks) individually for an attack object.
Command (in F-ACM) Description
all This command is used to configure all
the attacks (including all Default and
Optional attacks) for an attack object.
no all The ‘no’ command disables all the
attacks configured for an attack object.
Command (in F-ACM) Description
udp-port-loopback [threshold
<1-4294967295> <1-4294967295>]
This command is used to configure udp-
port-loopback attack for an attack
object.
udp-flood [threshold <1-
4294967295> <1-4294967295>]
This command is used to configure udp-
flood attack for an attack object.
port-scan [threshold <1-
4294967295> <1-4294967295>]
This command is used to configure
port-scan attack for an attack object.
tcp-fin-scan This command is used to configure tcp-
fin-scan attack for an attack object.
icmp-ip-address-sweep
[threshold <1-4294967295> <1-
4294967295>]
This command is used to configure
icmp-ip-address-sweep attack for an
attack object.
icmp-dest-unrch-storm
[threshold <1-4294967295> <1-
4294967295>]
This command is used to configure
icmp-dest-unrch-storm attack for an
attack object.
To Next Page
Loading...
Need help?
General
