Table of Contents
Advertisement
Alteon Application Switch Operating System Application Guide
Advanced Denial of Service Protection
3. From the Security menu, configure a pattern group and name it something relevant and easy to
remember.
>> /cfg/security/pggroup 1/name
>> /cfg/security/pggroup 1/name
>> /cfg/security/pggroup 1/name
4. Add the new pattern/offset pairs to the pattern group using their ID numbers.
Refer back to
step
2, where you typed the
associated with the SLB string.
>>Pattern Match Group 1# add 8
>>Pattern Match Group 1# add 8
5. Configure a filter and its appropriate protocol in which the patterns are found.
>>/cfg/slb/filt 90
>>Filter 90
# proto tcp
6. Configure the filter source and destination ports.
>>Filter 90
# sport any
>>Filter 90
# dport http
7. Configure the filter to deny.
>>Filter 90 # action deny
Current action: none
Pending new action:
8. Apply the pattern group you configured in
>>Main# /cfg/slb/filt 90/adv/security/addgrp 1
>>Group ID 1 added.
9. Enable pattern matching on the filter. This command enables Layer 7 lookup on the filter.
>> /cfg/slb/filt 90/adv/security/pmatch enable
Current Pattern Match: disabled
New Pattern Match:
10. Apply the filter to the client port. If the incoming client requests enter Alteon on port 3, then add
this filter to port 3.
>> # /cfg/slb/port 3
>> SLB Port 3# filt ena
>> SLB Port 3# add 90
11. Apply and save the configuration.
622
command, if you need to recall the ID number
cur
deny
step 3
enabled
(Name Pattern Group 1)
(Name the group)
(Add the first binary pattern)
(Add the ASCII string pattern)
and
step 4
to the filter.
(Select the client port)
(Enable filtering on the client port)
(Add Filter #90 to the client port)
Document ID: RDWR-ALOS-V2900_AG1302
- Quick Links:
- Part 1-Basic Features
Hide quick links:
Advertisement
Table of Contents
