Show Server Conn-Rate; Maximum Connections; Clear Statistics Dos-Attack - Brocade Communications Systems ServerIron ADX 12.4.00a Security Manual

show server conn-rate

Use show server conn-rate to display the global TCP connection rate (per second) and TCP SYN
attack rate (per second). This command reports global connection rate information for the
ServerIron as well as for each real server.
ServerIronADX# show server conn-rate
Avail. Sessions
Total C->S Conn
Total Reassign
last conn rate
last TCP attack rate =
SYN def RST
Server State - 1:enabled, 2:failed, 3:test, 4:suspect, 5:grace_dn, 6:active
Real Server
rs1

Maximum connections

Use max-conn to set the number of maximum connections on a global real server level (all ports) or
a single port.
All ports
One port

clear statistics dos-attack

Use clear statistics dos-attack to reset counters for ICMP and TCP SYN packet burst thresholds, as
displayed by show statistics dos-attack.
Example
ServerIronADX# clear statistics dos-attack
ServerIronADX# show statistics dos-attack
NOTE
The above commands are used to reset and verify counters for ICMP and TCP SYN packet burst
thresholds. The ServerIron ADX has introduced more a powerful feature to detect and block DoS
attacks. Please refer to the chapter titled:
details about verifying and clearing DOS-attack counters and filters.
ServerIron ADX Security Guide
53-1002440-03
= 524286 Total Sessions
= 0 Total S->C Conn
= 0 Unsuccessful Conn
= 0 max conn rate
0 max TCP attack rate
= 0 SYN flood
State CurrConn
3 0
!
server real rs1 10.10.1.30
max-conn 1200
port http
port http max-conn 1000
port http url "HEAD /"
!
"Syn-Proxy and DoS Protection"
Maximum connections
=
=
=
=
=
=
TotConn LastRate
0 0
1
524288
0
0
0
0
0
CurrRate MaxRate
0 0
on page 113 to view
31