Chapter 29 Secure Policy
ZyWALL Series CLI Reference Guide
235
29.4 ADP Commands Overview
Anomaly Detection and Prevention (ADP) protects against anomalies based on violations of protocol
standards (RFCs – Requests for Comments) and abnormal flows such as port scans. This section
introduces ADP, anomaly profiles and applying an ADP profile to a traffic direction.
Traffic Anomalies
Traffic anomaly policies look for abnormal behavior or events such as port scanning, sweeping or
network flooding. They operate at OSI layer-2 and layer-3. Traffic anomaly policies may be updated
when you upload new firmware.
Protocol Anomalies
Protocol anomalies are packets that do not comply with the relevant RFC (Request For Comments).
Protocol anomaly detection includes:
•TCP Decoder
• UDP Decoder
[no] description
description
Sets a descriptive name (up to 64 printable ASCII characters) for a session-
limit rule. The no command removes the descriptive name from the rule.
exit
Quits the sub-command mode.
[no] limit <0..8192>
Sets the limit for the number of concurrent NAT/firewall IPv6 sessions this rule’s
users or addresses can have. 0 means any.
[no] user user_name
Sets an IPv6 session-limit rule for the specified user. The no command resets
the user name to the default (any). any means all users.
session-limit6 append
Enters the IPv6 session-limit sub-command mode to add a session-limit rule to
the end of the session-limit rule list.
session-limit6 delete
rule_number
Removes an IPv6 session-limit rule.
session-limit6 flush
Removes all IPv6 session-limit rules.
session-limit6 insert
rule_number
Enters the IPv6 session-limit sub-command mode to add a session-limit rule
before the specified rule number.
session-limit6 move
rule_number to
rule_number
Moves an IPv6 session-limit to the number that you specified.
show session-limit6
Shows the IPv6 session-limit configuration.
show session-limit6 begin
rule_number end
rule_number
Shows the settings for a range of IPv6 session-limit rules.
show session-limit6
rule_number
Shows the IPv6 session-limit rule’s settings.
show session-limit6
status
Shows the general IPv6 session-limit settings.
Table 117 Command Summary: Session Limit (continued)
COMMAND DESCRIPTION
To Next Page
Loading...
