Cisco Cisco Packet Data Interworking Function (PDIF) Guía Para Resolver Problemas
Firewall-and-NAT Policy Configuration Mode Commands
firewall mime-flood ▀
Cisco ASR 5000 Series Command Line Interface Reference ▄
OL-22948-01
firewall mime-flood
This command configures Stateful Firewall protection from MIME Flood attacks.
Important:
In StarOS 8.0, this configuration is available in the ACS Configuration Mode. In StarOS 8.1, for
Rulebase-based Stateful Firewall configuration, this configuration is available in the Rulebase Configuration Mode. In
StarOS 8.3, this configuration is available in the Rulebase Configuration Mode.
StarOS 8.3, this configuration is available in the Rulebase Configuration Mode.
Product
FW
Privilege
Security Administrator, Administrator
Syntax
Configures the default setting for the specified parameter.
Specifies the maximum number of headers allowed in an HTTP packet. If the number of HTTP headers in a
page received is more than the specified limit, the request will be denied.
page received is more than the specified limit, the request will be denied.
must be an integer from 1 through 256.
Default: 16
Specifies the maximum header field size allowed in the HTTP header, in bytes. If the size of HTTP header in
the received page is more than the specified number of bytes, the request will be denied.
the received page is more than the specified number of bytes, the request will be denied.
must be an integer from 1 through 8192.
Default: 4096 bytes
Usage
Use this command to configure the maximum number of headers allowed in an HTTP packet, and the
maximum header field size allowed in the HTTP header to prevent MIME flooding attacks.
This command is only effective if Stateful Firewall DoS protection for MIME flood attacks has been enabled
using the
maximum header field size allowed in the HTTP header to prevent MIME flooding attacks.
This command is only effective if Stateful Firewall DoS protection for MIME flood attacks has been enabled
using the
command, and the
command has been
configured to send HTTP packets to the HTTP analyzer.
Example
The following command sets the maximum number of headers allowed in an HTTP packet to
The following command sets the maximum number of headers allowed in an HTTP packet to
: