Cisco Cisco Tunnel Terminating Gateway (TTG) Guide De Dépannage
ACS Rulebase Configuration Mode Commands
firewall flooding ▀
Cisco ASR 5000 Series Command Line Interface Reference ▄
OL-22947-02
Example
The following command ensures a subscriber will not receive more that 1000 ICMP packets per sampling interval:
The following command ensures a subscriber will not receive more that 1000 ICMP packets per sampling interval:
The following command ensures a subscriber will not receive more than 1000 UDP packets per sampling interval on
different 5-tuples. That is, if an attacker is sending lot of UDP packets on different ports or using different spoofed IPs,
those packets will be limited to 1000 packets per sampling interval. This way only ―suspected‖ malicious packets are
limited and not ―legitimate‖ packets:
different 5-tuples. That is, if an attacker is sending lot of UDP packets on different ports or using different spoofed IPs,
those packets will be limited to 1000 packets per sampling interval. This way only ―suspected‖ malicious packets are
limited and not ―legitimate‖ packets:
The following command ensures a subscriber will not receive more than 1000 TCP-Syn packets per sampling interval:
The following command specifies a flooding sampling interval of 1 second: