Cisco Cisco Packet Data Gateway (PDG) Guida Alla Risoluzione Dei Problemi
Global Configuration Mode Commands
▀ threshold fw-dos-attack
▄ Cisco ASR 5000 Series Command Line Interface Reference
OL-22947-02
threshold fw-dos-attack
This command configures thresholds for Stateful Firewall Denial-of-Service (DoS) attacks.
Product
FW
Privilege
Security Administrator, Administrator
Syntax
Disables the threshold and sets
and
to the default values.
Specifies the Stateful Firewall DoS attacks threshold value, which if met or exceeded generates an alert or
alarm.
alarm.
must be an integer from 0 through 1000000.
Default: 0
Specifies the Stateful Firewall DoS attacks clear threshold value. If, in the same polling interval, the threshold
falls below
falls below
a clear alarm is generated.
must be an integer from 0 through 1000000.
Default: 0
Important:
This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm
model, the system assumes it is identical to the low threshold.
Usage
When the number of DoS attacks exceed a given value, a threshold is raised and it is cleared when the
number of DoS attacks fall below a value within the polling interval.
Refer to the
number of DoS attacks fall below a value within the polling interval.
Refer to the
command to configure the polling interval and the
command to enable thresholding for this value.
Example
The following command configures a Stateful Firewall DoS attacks high threshold of
The following command configures a Stateful Firewall DoS attacks high threshold of
and a low threshold of
for a system using the Alarm Thresholding model: