Cisco Cisco Packet Data Interworking Function (PDIF) Guide De Dépannage
ACS Configuration Mode Commands
firewall flooding ▀
Cisco ASR 5000 Series Command Line Interface Reference ▄
OL-22947-02
Example
The following command ensures a subscriber will not receive more that
The following command ensures a subscriber will not receive more that
ICMP packets per sampling interval:
The following command ensures a subscriber will not receive more than
UDP packets per sampling interval on
different 5-tuples. That is, if an attacker is sending lot of UDP packets on different ports or using different spoofed IPs,
those packets will be limited to
those packets will be limited to
packets per sampling interval. This way only ―suspected‖ malicious packets are
limited and not ―legitimate‖ packets.
The following command ensures a subscriber will not receive more than 1000 TCP-Syn packets per sampling interval.
The following command specifies a flooding sampling interval of second: