Table 4-2 Description on the fields of the display system-guard state command
Field
System-guard Status
Permitted Interfaces
Detect Threshold
Isolated Time
Attack Number
system-guard detect-threshold
Syntax
system-guard detect-threshold threshold-value
undo system-guard detect-threshold
View
System view
Parameter
threshold-value: Threshold for the number of packets when an attack is detected, in the range of 200 to
1,000.
Description
Use the system-guard detect-threshold command to set the threshold for the number of packets
when an attack is detected. When the number of inbound packets of the same type exceeds the
threshold, one attack is detected and recorded.
Use the undo system-guard detect-threshold command to restore the threshold to the default value.
By default, the threshold is 200.
Related command: display system-guard state.
Example
# Set the threshold for the number of packets when an attack is detected to 300.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname]system-guard detect-threshold 300
system-guard enable
Syntax
system-guard enable
undo system-guard enable
The enable/disable status of the system-guard function
Interfaces enabled with the system-guard function
The threshold for the number of packets when an attack is
detected
The length of the isolation after an attack is detected
The times of detected attacks
4-3
Description