Udp-Flood Detect - H3C MSR Series Command Reference Manual

Comware 7 security

Hide thumbs Also See for MSR Series:

Table of Contents

udp-flood action { drop | logging } *

undo udp-flood action

No global action is specified for UDP flood attacks.

Attack defense policy view

Predefined user roles

network-admin

drop: Drops subsequent UDP packets destined for the victim IP addresses.

logging: Enables logging for UDP flood attack events.

# Specify drop as the global action against UDP flood attacks in the attack defense policy

atk-policy-1.

<Sysname> system-view

[Sysname] attack-defense policy atk-policy-1

[Sysname-attack-defense-policy-atk-policy-1] udp-flood action drop

Related commands

udp-flood detect

udp-flood detect non-specific

udp-flood threshold

udp-flood detect

Use udp-flood detect to configure IP address-specific UDP flood attack detection.

Use undo udp-flood detect to remove the IP address-specific UDP flood attack detection

configuration.

udp-flood detect { ip ipv4-address | ipv6 ipv6-address } [ vpn-instance vpn-instance-name ]

[ threshold threshold-value ] [ action { { drop | logging } * | none } ]

undo udp-flood detect { ip ipv4-address | ipv6 ipv6-address } [ vpn-instance vpn-instance-name ]

IP address-specific UDP flood attack detection is not configured.

Attack defense policy view

Predefined user roles

network-admin

ip ipv4-address: Specifies the IPv4 address to be protected. The ipv4-address argument cannot be

255.255.255.255 or 0.0.0.0.