Defense Icmp-Flood Action Drop-Packet - HP HSR6600 Command Reference Manual

Default command level
2: System level
Parameters
source-ip-address: IP address to be added to the blacklist, used to match the source IP address of packets.
all: Specifies all blacklist entries.
timeout minutes: Specifies an aging time for the blacklist entry. minutes indicates the aging time, and the
value range is 1 to 1000, in minutes. If you do not specify the aging time, the blacklist entry never gets
aged and always exists unless you delete it manually.
Usage guidelines
You can use the undo blacklist ip source-ip-address timeout command to cancel the aging time specified
for a manually added blacklist entry. After the configuration, this blacklist entry never gets aged.
All blacklist entries can take effect only when the blacklist function is enabled.
You can modify the aging time of an existing blacklist entry, and the modification takes effect
immediately.
Examples
# Add IP address 192.168.1.2 to the blacklist, and configure its aging time as 20 minutes.
<Sysname> system-view
[Sysname] blacklist ip 192.168.1.2 timeout 20
Related commands
blacklist enable
•
display blacklist
•

defense icmp-flood action drop-packet

Use defense icmp-flood action drop-packet to configure the device to drop ICMP flood attack packets.
Use undo defense icmp-flood action to restore the default.
Syntax
defense icmp-flood action drop-packet
undo defense icmp-flood action
Default
The device does not process the attack packets if it detects an ICMP flood attack.
Views
Attack protection policy view
Default command level
2: System level
Examples
# Configure attack protection policy 1 to drop ICMP flood attack packets.
<Sysname> system-view
[Sysname] attack-defense policy 1
[Sysname-attack-defense-policy-1] defense icmp-flood action drop-packet
460