Cisco Cisco Packet Data Gateway (PDG)
ACS Rulebase Configuration Mode Commands
firewall mime-flood ▀
Command Line Interface Reference, StarOS Release 17 ▄
705
firewall mime-flood
This command allows you to configure Stateful Firewall protection from Multipurpose Internet Mail Extensions
(MIME) Flood attacks.
(MIME) Flood attacks.
Important:
In StarOS 8.0, this command is available in the ACS Configuration Mode. In StarOS 8.1 and StarOS
8.3, use this command for Rulebase-based Firewall-and-NAT configuration. In StarOS 8.1 and StarOS 9.0 and later
releases, for Policy-based Firewall-and-NAT configuration, this command is available in the Firewall-and-NAT Policy
Configuration Mode.
releases, for Policy-based Firewall-and-NAT configuration, this command is available in the Firewall-and-NAT Policy
Configuration Mode.
Product
PSF
Privilege
Security Administrator, Administrator
Mode
Exec > ACS Configuration > Rulebase Configuration
active-charging service service_name > rulebase rulebase_name
Entering the above command sequence results in the following prompt:
[local]host_name(config-rule-base)#
Syntax
firewall mime-flood { http-headers-limit max_limit | max-http-header-field-size max_size
}
}
default firewall mime-flood { http-headers-limit | max-http-header-field-size }
default
Configures this command with its default setting.
http-headers-limit max_limit
Specifies the maximum number of headers allowed in an HTTP packet. If the number of HTTP headers in a
page received is more than the specified limit, the request will be denied.
page received is more than the specified limit, the request will be denied.
max_limit
must be an integer from 1 through 256.
Default: 16
max-http-header-field-size max_size
Specifies the maximum header field size allowed in the HTTP header, in bytes. If the size of HTTP header in
the received page is more than the specified number of bytes, the request will be denied.
the received page is more than the specified number of bytes, the request will be denied.
max_size
must be an integer from 1 through 8192.
Default: 4096 bytes
Usage
Use this command to configure the maximum number of headers allowed in an HTTP packet, and the
maximum header field size allowed in the HTTP header to prevent MIME flooding attacks.
maximum header field size allowed in the HTTP header to prevent MIME flooding attacks.