Руководство По Устранению Ошибки для Cisco Cisco Packet Data Gateway (PDG)
Active Charging Service Configuration Mode Commands
firewall flooding ▀
Cisco ASR 5000 Series Command Line Interface Reference ▄
OL-22948-01
firewall flooding
This command configures Stateful Firewall protection from packet flooding attacks.
Important:
In StarOS 8.1 and later, for Rulebase-based Stateful Firewall this command is available in the
Rulebase Configuration Mode, and for Policy-based Stateful Firewall in the Firewall-and-NAT Policy Configuration
Mode. In StarOS 8.3, this command is available in the Rulebase Configuration Mode.
Mode. In StarOS 8.3, this command is available in the Rulebase Configuration Mode.
Product
FW
Privilege
Security Administrator, Administrator
Syntax
Sets the specified firewall flooding configuration to the default value.
Specifies the transport protocol:
: Configuration for ICMP protocol.
: Configuration for TCP-SYN packet limit.
: Configuration for UDP protocol.
Specifies the maximum number of specified packets a subscriber can receive during a sampling interval.
is the maximum number of packets allowed during a sampling interval, and must be an integer
from 1 through 4294967295.
Default: 1000 packets per sampling-interval.
Default: 1000 packets per sampling-interval.
Specifies the flooding sampling interval in seconds.
must be an integer from 1 through 60.
Default: 1 second
The maximum sampling-interval configurable is 60 seconds.
The maximum sampling-interval configurable is 60 seconds.
Usage
Use this command to configure the maximum number of ICMP, TCP-SYN, / UDP packets allowed to prevent
the packet flooding attacks to the host.
the packet flooding attacks to the host.