Netgear M5300-28G-POE+ (GSM7228PSv1h2) - 12-Port Managed Gigabit Switch Softwarehandbuch
Switching Commands
597
M5300, M6100, and M7100 Series ProSAFE Managed Switches
Mfg Name: xxx xxx xxx
Model Name: xxx xxx xxx
Asset ID: xxx xxx xxx
Location
Subtype: elin
Info: xxx xxx xxx
Extended POE
Device Type: pseDevice
Extended POE PSE
Available: 0.3 Watts
Source: primary
Priority: critical
Extended POE PD
Required: 0.2 Watts
Source: local
Priority: low
Denial of Service Commands
This section describes the commands you use to configure Denial of Service (DoS) Control.
NETGEAR Managed Switch software provides support for classifying and blocking specific
types of Denial of Service attacks. You can configure your system to monitor and block these
types of attacks:
NETGEAR Managed Switch software provides support for classifying and blocking specific
types of Denial of Service attacks. You can configure your system to monitor and block these
types of attacks:
•
SIP = DIP: Source IP address = Destination IP address.
•
First Fragment:TCP Header size smaller then configured value.
•
TCP Fragment: Allows the device to drop packets that have a TCP payload where the IP
payload length minus the IP header size is less than the minimum allowed TCP header
size.
payload length minus the IP header size is less than the minimum allowed TCP header
size.
•
TCP Flag: TCP Flag SYN set and Source Port < 1024 or TCP Control Flags = 0 and TCP
Sequence Number = 0 or TCP Flags FIN, URG, and PSH set and TCP Sequence
Number = 0 or TCP Flags SYN and FIN set.
Sequence Number = 0 or TCP Flags FIN, URG, and PSH set and TCP Sequence
Number = 0 or TCP Flags SYN and FIN set.
•
L4 Port: Source TCP/UDP Port = Destination TCP/UDP Port.
•
ICMP: Limiting the size of ICMP Ping packets.
•
SMAC = DMAC: Source MAC address = Destination MAC address
•
TCP Port: Source TCP Port = Destination TCP Port
•
UDP Port: Source UDP Port = Destination UDP Port