651
Related commands
• syn-ack-flood action
• syn-ack-flood detect non-specific
• syn-ack-flood threshold
syn-ack-flood detect non-specific
Use syn-ack-flood detect non-specific to enable SYN-ACK flood attack detection for non-specific IP
addresses.
Use undo syn-ack-flood detect non-specific to restore the default.
Syntax
syn-ack-flood detect non-specific
undo syn-ack-flood detect non-specific
Default
SYN-ACK flood attack detection is not enabled for non-specific IP addresses.
Views
Attack defense policy view
Predefined user roles
network-admin
Usage guidelines
This command enables global SYN-ACK flood attack detection. It applies to all IP addresses except for
those specified by the syn-ack-flood detect command. The system uses the global trigger threshold set by
the syn-ack-flood threshold command and global actions specified by the syn-ack-flood action
command.
Examples
# Enable SYN-ACK flood attack detection for non-specific IP addresses in attack defense policy
atk-policy-1.
<Sysname> system-view
[Sysname] attack-defense policy atk-policy-1
[Sysname-attack-defense-policy-atk-policy-1] syn-ack-flood detect non-specific
Related commands
• syn-ack-flood action
• syn-ack-flood detect
• syn-ack-flood threshold
syn-ack-flood threshold
Use syn-ack-flood threshold to set the global threshold for triggering SYN-ACK flood attack prevention.
Use undo syn-ack-flood threshold to restore the default.
To Next Page
Loading...
