Cisco Cisco Packet Data Gateway (PDG)
firewall tcp-reset-message-threshold
This command configures a threshold on the number of TCP reset messages sent by the subscriber for a
particular data flow. After this threshold is reached, further downlink traffic to the subscriber on the unwanted
flow is blocked.
particular data flow. After this threshold is reached, further downlink traffic to the subscriber on the unwanted
flow is blocked.
Product
PSF
Privilege
Security Administrator, Administrator
Command Modes
Exec > ACS Configuration > Firewall-and-NAT Policy Configuration
active-charging service service_name > fw-and-nat policy policy_name
Entering the above command sequence results in the following prompt:
[local]
host_name
(config-fw-and-nat-policy)#
Syntax Description
firewall tcp-reset-message-threshold messages then-block-server
{ default | no } firewall tcp-reset-message-threshold
{ default | no } firewall tcp-reset-message-threshold
default
Configures the default setting.
Default: Disabled
no
Disables the configuration.
messages
Specifies the threshold on the number of TCP reset messages sent by the subscriber for a particular data flow.
messages must be an integer from 1 through 100.
Usage Guidelines
Use this command to configure a threshold on the number of TCP reset messages (TCP RST+ACK) sent by
the subscriber for a particular data flow. After the threshold is reached, assuming the server is not reacting
properly to the reset messages further downlink traffic to the subscriber on the unwanted flow is blocked.
This configuration enables QCHAT noise suppression for TCP.
the subscriber for a particular data flow. After the threshold is reached, assuming the server is not reacting
properly to the reset messages further downlink traffic to the subscriber on the unwanted flow is blocked.
This configuration enables QCHAT noise suppression for TCP.
Command Line Interface Reference, Modes E - F, StarOS Release 19
1710
Firewall-and-NAT Policy Configuration Mode Commands
firewall tcp-reset-message-threshold