Security-Suite Deny Syn-Fin - Cisco 300 Series Cli Manual
Small business 300 series managed switches
command line interface guide release 1.3
Hide thumbs
Also See for 300 Series:
- Cli manual (1117 pages) ,
- Administration manual (586 pages) ,
- Quick start manual (72 pages)
Table of Contents
Advertisement
50
850
Interface
---------------
gi2
Fragmented packets filtering
Interface
--------------
gi2s
50.9
security-suite deny syn-fin
Use the security-suite deny syn-fin Global Configuration mode command to drop
all ingressing TCP packets in which both SYN and FIN flags are set.
Use the no form of this command to permit TCP packets in which both SYN and
FIN are set.
Syntax
security-suite deny syn-fin
no security-suite deny syn-fin
Parameters
N/A
Default Configuration
Drop all ingressing TCP packets in which both SYN and FIN are set.
Command Mode
Global Configuration mode
Example
The following example blocks TCP packets in which both SYN and FIN flags are
set.
switchxxxxxx(config)#
IP Address
--------------
176.16.23.0\24
IP Address
--------------
176.16.23.0\24
security-suite deny syn-fin
78-21075-01 Command Line Interface Reference Guide
Denial of Service (DoS) Commands
Advertisement
Table of Contents
