HP A6600 Configuration Manual page 416
Hide thumbs
Also See for A6600:
- Configuration manual (426 pages) ,
- Getting started (222 pages) ,
- Limited warranty (41 pages)
Table of Contents
Advertisement
[Router] attack-defense policy 1
# Enable SYN flood attack protection.
[Router-attack-defense-policy-1] defense syn-flood enable
# Set the global action threshold for SYN flood attack protection to 100 packets per second.
[Router-attack-defense-policy-1] defense syn-flood rate-threshold high 100
# Configure the device to use the TCP proxy for subsequent packets after a SYN flood attack is detected.
[Router-attack-defense-policy-1] defense syn-flood action trigger-tcp-proxy
[Router-attack-defense-policy-1] quit
# Apply policy 1 to GigabitEthernet 1/0/2.
[Router] interface gigabitethernet 1/0/2
[Router-GigabitEthernet1/0/2] attack-defense apply policy 1
[Router-GigabitEthernet1/0/2] quit
# Set the TCP proxy working mode to bidirectional.
[Router] undo tcp-proxy mode unidirection
# Enable TCP proxy on GigabitEthernet 1/0/1.
[Router] interface gigabitethernet 1/0/1
[Router-GigabitEthernet1/0/1] tcp-proxy enable
[Router-GigabitEthernet1/0/1] quit
Verify the configuration
When a SYN flood attack targeting an internal server occurs, use display tcp-proxy protected-ip to view
information about the IP addresses protected by the TCP proxy function.
[Router] display tcp-proxy protected-ip
Protected IP
192.168.1.10
The output shows that an entry has been added for the attacked server.
Port number
Type
any
Dynamic
Lifetime(min)
Rejected packets
30
8
404
Advertisement
Table of Contents
Troubleshooting
