для Cisco Cisco Packet Data Gateway (PDG)
firewall flooding
This command allows you to configure Stateful Firewall protection from Packet Flooding attacks.
In StarOS 8.0, this command is available in the ACS Configuration Mode. In StarOS 8.1 and StarOS 8.3,
use this command for Rulebase-based Firewall-and-NAT configuration. In StarOS 8.1 and StarOS 9.0
and later releases, for Policy-based Firewall-and-NAT configuration, this command is available in the
Firewall-and-NAT Policy Configuration Mode.
use this command for Rulebase-based Firewall-and-NAT configuration. In StarOS 8.1 and StarOS 9.0
and later releases, for Policy-based Firewall-and-NAT configuration, this command is available in the
Firewall-and-NAT Policy Configuration Mode.
Important
Product
PSF
Privilege
Security Administrator, Administrator
Command Modes
Exec > ACS Configuration > Rulebase Configuration
active-charging service service_name > rulebase rulebase_name
Entering the above command sequence results in the following prompt:
[local]
host_name
(config-rule-base)#
Syntax Description
firewall flooding { { protocol { icmp | tcp-syn | udp } packet limit packets } | { sampling-interval interval
} }
default firewall flooding { { protocol { icmp | tcp-syn | udp } packet limit } | { sampling-interval } }
default
Configures this command the default setting for the specified keyword.
protocol { icmp | tcp-syn | udp }
Specifies the transport protocol:
• icmp: Configuration for ICMP protocol.
• tcp-syn: Configuration for TCP-SYN packet limit.
• udp: Configuration for UDP protocol.
packet limit packets
Specifies the maximum number of specified packets a subscriber can receive during a sampling interval.
packets must be an integer from 1 through 4294967295.
Command Line Interface Reference, Modes A - B, StarOS Release 19
652
ACS Rulebase Configuration Mode Commands
firewall flooding