Fin-Flood Action - HP FlexNetwork MSR Series Command Reference Manual
Comware 7 security
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (392 pages) ,
- Configuration manuals (159 pages)
Advertisement
name acl-name: Specifies an ACL by its name. The acl-name argument is a case-insensitive string
of 1 to 63 characters. It must start with an English letter and to avoid confusion, it cannot be all.
Usage guidelines
The attack defense policy uses an ACL to identify exempted packets. The policy does not check the
packets permitted by the ACL. You can configure the ACL to identify packets from trusted hosts. The
exemption feature reduces the false alarm rate and improves packet processing efficiency.
If an ACL is used for attack detection exemption, only the following match criteria in the ACL permit
rules take effect:
•
Source IP address.
•
Destination IP address.
•
Source port.
•
Destination port.
•
Protocol.
•
L3VPN instance.
•
fragment keyword for matching non-first fragments.
If the specified ACL does not exist or does not contain a rule, attack detection exemption does not
take effect.
Examples
# Configure an ACL to permit packets sourced from 1.1.1.1. Configure attack detection exemption
for packets matching the ACL in the attack defense policy atk-policy-1.
<Sysname> system-view
[Sysname] acl basic 2001
[Sysname-acl-ipv4-basic-2001] rule permit source 1.1.1.1 0
[Sysname-acl-ipv4-basic-2001] quit
[Sysname] attack-defense policy atk-policy-1
[attack-defense-policy-atk-policy-1] exempt acl 2001
Related commands
attack-defense policy
fin-flood action
Use fin-flood action to specify global actions against FIN flood attacks.
Use undo fin-flood action to restore the default.
Syntax
fin-flood action { client-verify | drop | logging } *
undo fin-flood action
Default
No global action is specified for FIN flood attacks.
Views
Attack defense policy view
Predefined user roles
network-admin
887
Advertisement
