Optional) Specifying Protocol Types Supporting Source Tracing - Huawei Quidway S3700 Series Configuration Manual
Hide thumbs
Also See for Quidway S3700 Series:
- Configuration manual (398 pages) ,
- Quick start manual (70 pages) ,
- Manual (69 pages)
Table of Contents
Advertisement
Quidway S3700 Series Ethernet Switches
Configuration Guide - Security
The system view is displayed.
Step 2 Run:
cpu-defend policy policy-name
The attack defense policy view is displayed.
Step 3 Run:
auto-defend enable
Automatic attack source tracing is enabled.
By default, automatic attack source tracing is disabled.
Step 4 (Optional) Run:
auto-defend trace-type
The attack source tracing type is configured.
By default, the S3700 traces attack sources based on source MAC addresses, source IP addresses,
and source ports+VLANs.
If the whitelist filters users based on source IP addresses or MAC addresses, this command is
required.
Step 5 Run:
auto-defend whitelist
interface-number }
The whitelist for source tracing is configured.
By default, no whitelist is configured.
----End
6.4.6 (Optional) Specifying Protocol Types Supporting Source
Tracing
You can enable source tracing for the packets of certain protocols.
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
cpu-defend policy policy-name
The attack defense policy view is displayed.
Step 3 Run:
auto-defend enable
Automatic attack source tracing is enabled.
By default, automatic attack source tracing is disabled.
Step 4 (Optional) Run:
Issue 01 (2011-07-15)
{ source-mac | source-ip | source-portvlan } *
whitelist-num { acl acl_number | interface interface-type
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
6 Local Attack Defense Configuration
187
Advertisement
Table of Contents
