Configuration Guide NFPP Configuration
Ruijie# copy running-config
startup-config
To restore the monitored time to the default value, use the no ip-guard
monitor-period command in the nfpp configuration mode.
If the isolated time is 0, the serviceview monitor will be perform to
monitor the detected attacker, and the timeout time will be the
monitored period. In the process of the serviceview monitor, if the
isolated time is but not 0, the hardware isolation will be performed
to isolate the attacker, and the timeout time will be the isolated
period. Only be the monitored period valid when the isolated
period is 0.
Modifying the isolated time from non-0 to 0 removes the attackers
from the interface rather than performs the serviceview monitor.
Configuring the monitored host limit
Ruijie# configure terminal
Enter the global configuration mode.
Enter the nfpp configuration mode.
Ruijie(config-nfpp)# ip-guard
monitored-host-limit seconds
Configure the monitored host limit,
ranging 1-4294967295. The default
value is1000.
Return to the privileged EXEC mode.
Ruijie# show nfpp ip-guard summary
Show the parameter settings.
Ruijie# copy running-config
startup-config
To restore the monitored host limit to the default value, use the no ip-guard
monitored-host-limit command in the nfpp configuration mode.
If the monitored host number has reached the default 1000, and the
administrator sets the monitored host limit smaller than 1000, the existent
moniored hosts will not be deleted and it will prompt the message “%ERROR: The
value that you configured is smaller than current monitored hosts 1000,please
clear a part of monitored hosts.” to notify the administrator of the invalid
configuration and removing a part of the monitored hosts.
To Next Page
Loading...
