Cisco Cisco Packet Data Gateway (PDG)
firewall dos-protection flooding
This command is configured to protect servers from mobile subscribers in the uplink direction.
In StarOS 17.0 and later releases, the uplink flooding feature is not enabled in the ACS Configuration
mode, and must be enabled in the Firewall-and-NAT Policy Configuration mode. Hence, this command
is no longer supported and left in place for backward compatibility.
mode, and must be enabled in the Firewall-and-NAT Policy Configuration mode. Hence, this command
is no longer supported and left in place for backward compatibility.
Important
Product
PSF
NAT
Privilege
Security Administrator, Administrator
Command Modes
Exec > ACS Configuration
active-charging service service_name
Entering the above command sequence results in the following prompt:
[local]
host_name
(config-acs)#
Syntax Description
firewall dos-protection flooding { { icmp | tcp-syn | udp } protect-servers { all | host-pool hostpool_name
} packet limit packet_limit | inactivity-timeout timeout | uplink-sample-interval interval }
default firewall dos-protection flooding { icmp | tcp-syn | udp | inactivity-timeout | uplink-sample-interval
}
no firewall dos-protection flooding { icmp | tcp-syn | udp }
no
Disables Stateful Firewall protection for subscribers against the specified Denial of Service (DoS) attack(s).
default
Disables Stateful Firewall protection for subscribers against all DoS attacks.
flooding { icmp | tcp-syn | udp } protect-servers { all | host-pool hostpool_name
Enables protection against the specified flooding attack:
• icmp: Enables ICMP uplink flooding protection.
• tcp-syn: Enables TCP Syn uplink flooding protection.
Command Line Interface Reference, Modes A - B, StarOS Release 19
394
ACS Configuration Mode Commands
firewall dos-protection flooding