ZXR108900SeriesCommandManual(FWVolume)
Parameter
Description
Parameter
Description
addThisaddsonehostorsubnettobeprotected.
protect_name
Thissetsaddressresourcetobeprotected,
whichcanbehost,subnetoraddressrange.
Thisaddressresourceshallbeaddedin
commanddefineinadvance.
<string>
Thisisonestring,indicatingthenameof
addressresource.
icmpflood
Thissetsthemaxreplyrequestsinitiatedto
protectedobjectpersecond.
<number1>Thisisonenumber,indicatingmaxconnection
requests,500bydefault,rangingfrom1to
-65535.
ipsweep
ThissetsthemaxICMPpacketssentfrom
thesameoneIPtomultiplehostswithin
thespecifiedinterval.Whenpacketnumber
reachesthisthreshold,itbelievesthat
addressesarescannedforonetime.
<number2>
Thisisonenumber,inrangeof1-65535.
synflood
Thissetsthemaxconnectionrequests
initiatedtoprotectedobjectpersecond.
<number3>
Thisisonenumber,500bydefault,ranging
from1to-65535.
udpflood
ThissetsthemaxUDPpacketssentto
protectedobjectpersecond.Whenthepacket
numberreachesthisthreshold,UDPflooding
attackprotectionfunctionisenabled.
<number4>
Thisisonenumber,1000bydefault,ranging
from1to-65535.
portscan
ThissetsthemaxIPpacketscontainingTCP
SYNsegmentsentfromthesameonesource
IPtomultipleportsofdestinationIPwithin
thespecifiedinterval.Whenpacketnumber
reachesthisthreshold,itbelievesthatports
arescannedforonetime.
<number5>
Thisisonenumber,inrangeof1-65535.
logWhenattackeventoccurs,itsetswhetherto
recorditintolog.
yes|noyes:Recordtheeventintolog;no:Donāt
recordtheeventintolog.
action
Itsetswhethertopermitpacketstopass
through.
pass|blockpass:Itindicatespermittingpacketstopass
through;block:Itindicatesdenyingpackets
passingthrough.
ExampleT oaddoneintrusiondetectionrule,setaddressofprotectedhost
tohostA,denypacketspassingthroughandrecorditinlog,exe-
cutethefollowingcommand:
#dosruleaddprotect_namehostAicmpflood800ipsweep
8synflood300udpflood300portscan8logyesaction
block
76ConfidentialandProprietaryInformationofZTECORPORATION
To Next Page
Loading...
