3-15
Virus Throttling (Connection-Rate Filtering)
Configuring Connection-Rate Filtering
To view the complete connection-rate configuration, including any ACLs
(page 3-17), use show config (for the startup-config file) or show running (for
the running-config file).
Listing Currently-Blocked Hosts
Figure 3-5. Example of Listing Hosts in Any Connection-Rate State
Figure 4.Example of Listing Hosts Blocked by Connection-Rate Filtering
Unblocking Currently-Blocked Hosts
If a host becomes blocked by triggering connection-rate filtering on a port
configured to block high connection rates, the host remains blocked on all
ports on the switch even if you change the per-port filtering configuration.
(The source IP address block imposed by connection-rate filtering does not
age-out.) This is to help prevent a malicious host from automatically regaining
access to the network.
Syntax: show connection-rate-filter < all-hosts | blocked-hosts | throttled-hosts >
all-hosts: Lists, by VLAN membership, all hosts currently
detected in a throttling or blocking state, along with a state
indicator.
throttled-hosts: Lists, by VLAN membership, the hosts cur-
rently in a throttling state due to connection-rate action.
blocked-hosts: Lists, by VLAN membership, the hosts currently
blocked by connection-rate action.
HP Switch(config)# show connection-rate-filter all-hosts
VLAN ID | Source IP Address | Filter Mode
-------------+-------------------+------------
10 | 13.28.234.175 | THROTTLE
10 | 13.28.234.179 | THROTTLE
15 | 13.28.234.180 | BLOCK
HP Switch(config)#show connection-rate-filter blocked-
hosts
VLAN ID | Source IP Address
-------------+------------------
To Next Page
Loading...
