557
Examples
# Configure ACK flood attack detection for 192.168.1.2 in attack defense policy atk-policy-1.
<Sysname> system-view
[Sysname] attack-defense policy atk-policy-1
[Sysname-attack-defense-policy-atk-policy-1] ack-flood detect ip 192.168.1.2 threshold
2000
Related commands
• ack-flood action
• ack-flood detect non-specific
• ack-flood threshold
• client-verify tcp enable
ack-flood detect non-specific
Use ack-flood detect non-specific to enable ACK flood attack detection for non-specific IP addresses.
Use undo ack-flood detect non-specific to restore the default.
Syntax
ack-flood detect non-specific
undo ack-flood detect non-specific
Default
ACK flood attack detection is not enabled for non-specific IP addresses.
Views
Attack defense policy view
Predefined user roles
network-admin
Usage guidelines
This command enables global ACK flood attack detection. It applies to all IP addresses except those
specified by the ack-flood detect command. The system uses the global trigger threshold set by the
ack-flood threshold command and global actions specified by the ack-flood action command.
Examples
# Enable ACK flood attack detection for non-specific IP addresses in attack defense policy atk-policy-1.
<Sysname> system-view
[Sysname] attack-defense policy atk-policy-1
[Sysname-attack-defense-policy-atk-policy-1] ack-flood detect non-specific
Related commands
• ack-flood action
• ack-flood detect
• ack-flood threshold
To Next Page
Loading...
