Cisco Cisco Packet Data Gateway (PDG)
firewall dos-protection
This command allows you to configure Stateful Firewall protection for subscribers from Denial-of-Service
(DoS) attacks.
(DoS) attacks.
In StarOS 8.0, this command is available in the ACS Configuration Mode. In StarOS 8.1 and StarOS 8.3,
use this command for Rulebase-based Firewall-and-NAT configuration. In StarOS 8.1 and StarOS 9.0
and later releases, for Policy-based Firewall-and-NAT configuration, this command is available in the
Firewall-and-NAT Policy Configuration Mode.
use this command for Rulebase-based Firewall-and-NAT configuration. In StarOS 8.1 and StarOS 9.0
and later releases, for Policy-based Firewall-and-NAT configuration, this command is available in the
Firewall-and-NAT Policy Configuration Mode.
Important
Product
PSF
Privilege
Security Administrator, Administrator
Command Modes
Exec > ACS Configuration > Rulebase Configuration
active-charging service service_name > rulebase rulebase_name
Entering the above command sequence results in the following prompt:
[local]
host_name
(config-rule-base)#
Syntax Description
[ no ] firewall dos-protection { all | flooding { icmp | tcp-syn | udp } | ftp-bounce | ip-unaligned-timestamp
| mime-flood | port-scan | tcp-window-containment | source-router | teardrop | winnuke }
default firewall dos-protection
no
If previously enabled, disables Stateful Firewall protection for subscribers from all or specified DoS attack(s).
default
Configures this command with its default setting.
Default: Protection from all DOS attacks is disabled.
all
Enables protection against all DoS attacks supported by the Stateful Firewall in-line service.
flooding { icmp | tcp-syn | udp }
Enables protection against specified flooding attacks:
Command Line Interface Reference, Modes A - B, StarOS Release 19
649
ACS Rulebase Configuration Mode Commands
firewall dos-protection