HP FlexNetwork MSR Series Command Reference Manual page 851

Flood attack defense configuration:
Flood type Global thres(pps)
SYN flood 1000(default)
ACK flood 1000(default)
SYN-ACK flood 1000(default)
RST flood 200
FIN flood 1000(default)
UDP flood 1000(default)
ICMP flood 1000(default)
ICMPv6 flood 1000(default)
DNS flood 10000
HTTP flood 10000
Flood attack defense for protected IP addresses:
Address
1::1
192.168.1.1
1::1
2013:2013:2013:2013:
2013:2013:2013:2013
Table 124 Command output
Field
Policy name
Applied list
Exempt IPv4 ACL
Exempt IPv6 ACL
Actions
Signature attack
configuration
Signature name
Defense
Level
Actions
Global actions
-
-
-
-
L,D
-
-
CV
-
-
VPN instance Flood type
-- FIN-FLOOD
A01234567890 SYN-ACK-FLOOD 10
123456789012
3456789
-- FIN-FLOOD
A0123456789 DNS-FLOOD
Description
Name of the attack defense policy.
List of interfaces to which the attack defense policy is applied. If the policy
is applied to the device, this field displays Local.
IPv4 ACL used for attack detection exemption.
IPv6 ACL used for attack detection exemption.
Attack prevention actions:
•
CV—Client verification.
•
BS—Blocking sources.
•
L—Logging.
•
D—Dropping packets.
•
N—No action.
defense Configuration information about single-packet attack detection and
prevention.
Type of the single-packet attack.
Whether single-packet attack detection is enabled.
Level of the single-packet attack, info, low, medium, or high.
Currently, no high-level single-packet attacks exist.
Prevention actions against the single-packet attack:
•
L—Logging.
•
D—Dropping packets.
•
N—No action.
833
Service ports Non-specific
- Disabled
- Enabled
- Disabled
- Enabled
- Disabled
- Disabled
- Disabled
- Disabled
30,61 to 62 Enabled
80,8080 Enabled
Thres(pps) Actions Ports
10 L,D
-
- L
100 L,CV
-
-
-
53