Cisco Cisco Packet Data Gateway (PDG) Fehlerbehebungsanleitung
Active Charging Service Configuration Mode Commands
firewall mime-flood ▀
Cisco ASR 5000 Series Command Line Interface Reference ▄
OL-22948-01
firewall mime-flood
This command configures Stateful Firewall protection from mime-flood attacks.
Important:
In StarOS 8.1 and later, for Rulebase-based Stateful Firewall this command is available in the
Rulebase Configuration Mode, and for Policy-based Stateful Firewall in the Firewall-and-NAT Policy Configuration
Mode. In StarOS 8.3, this command is available in the Rulebase Configuration Mode.
Mode. In StarOS 8.3, this command is available in the Rulebase Configuration Mode.
Product
FW
Privilege
Security Administrator, Administrator
Syntax
Sets the specified firewall mime flood configuration to the default value.
Specifies the maximum number of headers allowed in an HTTP packet. If the number of HTTP headers in a
page received is more than the specified limit, the request will be denied.
page received is more than the specified limit, the request will be denied.
must be an integer from 1 through 256.
Default: 16
Specifies the maximum header field size allowed in the HTTP header, in bytes. If the size of HTTP header in
the received page is more than the specified number of bytes, the request will be denied.
the received page is more than the specified number of bytes, the request will be denied.
must be an integer from 1 through 8192.
Default: 4096 bytes
Usage
Use this command to configure the maximum number of headers allowed in an HTTP packet, and the
maximum header field size allowed in the HTTP header to prevent the mime flooding attacks.
maximum header field size allowed in the HTTP header to prevent the mime flooding attacks.
Example
The following command sets the maximum number of headers allowed in an HTTP packet to
The following command sets the maximum number of headers allowed in an HTTP packet to
:
The following command sets the maximum header field size allowed in the HTTP header to
bytes: