To Next Page

To Previous Page

1085

logging: Enables logging for SYN flood attack events.

Usage guidelines

For the SYN flood attack detection to collaborate with the TCP client verification, make sure the

client-verify keyword is specified and the TCP client verification is enabled. To enable TCP client

verification, use the client-verify tcp enable command.

Examples

# Specify drop as the global action against SYN flood attacks in the attack defense policy

atk-policy-1.

<Sysname> system-view

[Sysname] attack-defense policy atk-policy-1

[Sysname-attack-defense-policy-atk-policy-1] syn-flood action drop

Related commands

syn-flood detect

syn-flood detect non-specific

syn-flood threshold

syn-flood detect

Use syn-flood detect to configure IP address-specific SYN flood attack detection.

Use undo syn-flood detect to remove the IP address-specific SYN flood attack detection

configuration.

Syntax

syn-flood detect { ip ipv4-address | ipv6 ipv6-address } [ vpn-instance vpn-instance-name ]

[ threshold threshold-value ] [ action { { client-verify | drop | logging } * | none } ]

undo syn-flood detect { ip ipv4-address | ipv6 ipv6-address } [ vpn-instance vpn-instance-name ]

Default

IP address-specific SYN flood attack detection is not configured.

Views

Attack defense policy view

Predefined user roles

network-admin

Parameters

ip ipv4-address: Specifies the IPv4 address to be protected. The ipv4-address argument cannot be

255.255.255.255 or 0.0.0.0.

ipv6 ipv6-address: Specifies the IPv6 address to be protected.

vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance to which the protected IP

address belongs. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters.

Do not specify this option if the protected IP address is on the public network.

threshold threshold-value: Specifies the threshold for triggering SYN flood attack prevention. The

value range is 1 to 1000000 in units of SYN packets sent to the specified IP address per second.

action: Specifies the actions when a SYN flood attack is detected. If no action is specified, the global

actions set by the syn-flood action command apply.

client-verify: Adds the victim IP addresses to the protected IP list for TCP client verification. If TCP

client verification is enabled, the device provides proxy services for protected servers.

Other manuals for H3C MSR Series

Manual33 pages

Probe Command Reference28 pages

Configuration Guide80 pages

Troubleshooting Guide28 pages

User Guide26 pages

Questions and Answers:

Need help?

Do you have a question about the H3C MSR Series and is the answer not in the manual?

H3C MSR Series Specifications

General

Category	Network Router
IPv6 Support	Yes
Dimensions	Varies by model
Weight	Varies by model
Product Type	Modular Router
Ports	Varies by model
WAN Interfaces	Varies by model
Firewall	Yes
QoS	Yes
Wireless Support	Varies by model
USB Ports	Varies by model
Console Port	Yes
Power Supply	Varies by model
Redundancy	Varies by model
Operating Temperature	0°C to 45°C
Storage Temperature	-40°C to 70°C
Humidity	5% to 95% non-condensing
Series	MSR
Certifications	CE, FCC, RoHS