Default
Attack protection logging is disabled.
Views
System view
Default command level
2: System level
Examples
# Enable attack protection logging.
<Sysname> system-view
[Sysname] attack-defense logging enable
attack-defense policy
Use attack-defense policy to create an attack protection policy and enter attack protection policy
view.
Use undo attack-defense policy to remove an attack protection policy.
Syntax
attack-defense policy policy-number [ interface interface-type interface-number ]
undo attack-defense policy policy-number [ interface interface-type interface-number ]
Default
No attack protection policy is created.
Views
System view
Default command level
2: System level
Parameters
policy-number: Sequence number of an attack protection policy, in the range of 1 to 128. You can
configure a maximum of 128 attack protection policies.
interface interface-type interface-number: Specifies the interface that uses the policy exclusively. If
you specify an interface, the policy is applied to the interface only. Otherwise, the policy is applied to
multiple interfaces.
Examples
# Create attack protection policy 1.
<Sysname> system-view
[Sysname] attack-defense policy 1
[Sysname-attack-defense-policy-1]
Related commands
display attack-defense policy
attack-defense tcp fragment enable
Use attack-defense tcp fragment enable to enable TCP fragment attack protection.
Use undo attack-defense tcp fragment enable to disable TCP fragment attack protection.
416