Cisco Cisco Packet Data Gateway (PDG) Guida Alla Risoluzione Dei Problemi
ACS Configuration Mode Commands
▀ firewall flooding
▄ Cisco ASR 5000 Series Command Line Interface Reference
OL-22947-02
firewall flooding
This command configures Stateful Firewall protection from packet flooding attacks.
Important:
In StarOS 8.1 and later releases, for Rulebase-based Stateful Firewall this command is available in
the ACS Rulebase Configuration Mode, and for Policy-based Stateful Firewall in the Firewall-and-NAT Policy
Configuration Mode. In StarOS 8.3, this command is available in the ACS Rulebase Configuration Mode.
Configuration Mode. In StarOS 8.3, this command is available in the ACS Rulebase Configuration Mode.
Product
FW
Privilege
Security Administrator, Administrator
Syntax
Configures the default setting.
Specifies the transport protocol:
: Configuration for ICMP protocol.
: Configuration for TCP-SYN packet limit.
: Configuration for UDP protocol.
Specifies the maximum number of specified packets a subscriber can receive during a sampling interval.
is the maximum number of packets allowed during a sampling interval, and must be an integer
from 1 through 4294967295.
Default: 1000 packets per sampling-interval
Default: 1000 packets per sampling-interval
Specifies the flooding sampling interval in seconds.
must be an integer from 1 through 60.
Default: 1 second
The maximum sampling-interval configurable is 60 seconds.
The maximum sampling-interval configurable is 60 seconds.
Usage
Use this command to configure the maximum number of ICMP, TCP-SYN, / UDP packets allowed to prevent
the packet flooding attacks to the host.
the packet flooding attacks to the host.