Icmp-Flood Detect Ip - H3C MSR Series Command Reference Manual
Comware 7 security
Hide thumbs
Also See for MSR Series:
- Command reference manual (174 pages) ,
- Configuration manual (80 pages) ,
- Manual (33 pages)
Table of Contents
Advertisement
Use undo icmp-flood action to restore the default.
Syntax
icmp-flood action { drop | logging } *
undo icmp-flood action
Default
No global action is specified for ICMP flood attacks.
Views
Attack defense policy view
Predefined user roles
network-admin
Parameters
drop: Drops subsequent ICMP packets destined for the victim IP addresses.
logging: Enables logging for ICMP flood attack events.
Examples
# Specify drop as the global action against ICMP flood attacks in the attack defense policy
atk-policy-1.
<Sysname> system-view
[Sysname] attack-defense policy atk-policy-1
[Sysname-attack-defense-policy-atk-policy-1] icmp-flood action drop
Related commands
icmp-flood detect non-specific
icmp-flood detect ip
icmp-flood threshold
icmp-flood detect ip
Use icmp-flood detect ip to configure IP address-specific ICMP flood attack detection.
Use undo icmp-flood detect ip to remove the IP address-specific ICMP flood attack detection
configuration.
Syntax
icmp-flood detect ip ip-address [ vpn-instance vpn-instance-name ] [ threshold threshold-value ]
[ action { { drop | logging } * | none } ]
undo icmp-flood detect ip ip-address [ vpn-instance vpn-instance-name ]
Default
IP address-specific ICMP flood attack detection is not configured.
Views
Attack defense policy view
Predefined user roles
network-admin
1060
Advertisement
Table of Contents
