ZyXEL Communications ZyWALL 310

To Next Page

To Previous Page

Chapter 29 Secure Policy

ZyWALL Series CLI Reference Guide

238

[no] scan-detection

{tcp-xxx} {activate |

log [alert] | block}

Activates TCP scan detection options where {tcp-xxx} ={tcp-portscan |

tcp-portscan-fin | tcp-portscan-syn tcp-portsweep }. Also sets TCP scan-

detection logs or alerts and blocking. no deactivates TCP scan detection,

its logs, alerts or blocking.

[no] scan-detection

{udp-portscan}

{activate | log [alert]

| block}

Activates or deactivates UDP port scan . Also sets UDP scan-detection logs

or alerts and blocking. no deactivates UDP scan detection, its logs, alerts

or blocking.

flood-detection block-

period <1..3600>

Sets for how many seconds the ZyWALL / USG blocks all packets from

being sent to the victim (destination) of a detected anomaly attack.

[no] flood-detection

{tcp-flood | udp-flood

| icmp-flood | igmp-

flood} {activate | log

[alert] | block}

Activates or deactivates TCP, UDP,IGMP or ICMP flood detection. Also sets

flood detection logs or alerts and blocking. no deactivates flood

detection, its logs, alerts or blocking.

[no] tcp-decoder {tcp-

xxx} activate

Activates or deactivates tcp decoder options where {tcp-xxx} = {bad-tcp-

flag | bad-tcp-l4-size | tcp-fragment | tcp-land}

tcp-decoder {tcp-xxx}

log [alert]

Sets tcp decoder log or alert options.

no tcp-decoder {tcp-

xxx} log

Deactivates tcp decoder log or alert options.

[no] tcp-decoder {tcp-

xxx} action {drop |

reject- sender |

reject-receiver |

reject-both}}

Sets tcp decoder action.

[no] udp-decoder {bad-

udp-l4-size | udp-land

| udp-smurf} activate

Activates or deactivates udp decoder options.

udp-decoder {bad-udp-

l4-size | udp-land |

udp-smurf} log [alert]

Sets udp decoder log or alert options.

no udp-decoder {bad-

udp-l4-size | udp-land

| udp-smurf} log

Deactivates udp decoder log options.

udp-decoder {bad-udp-

l4-size | udp-land |

udp-smurf} action {drop

| reject-sender |

reject-receiver |

reject-both}

Sets udp decoder action.

no udp-decoder {bad-

udp-l4-size | udp-land

| udp-smurf} action

Deactivates udp decoder actions.

[no] icmp-decoder {bad-

icmp-l4-size | icmp-

fragment | icmp-smurf}

activate

Activates or deactivates icmp decoder options.

Table 122 ADP Add/Edit Profile Commands (continued)

LABEL DESCRIPTION

Main Page

ZyXEL Communications ZyWALL 310 - Page 238

Table of Contents

Other manuals for ZyXEL Communications ZyWALL 310

Related product manuals