In filter detection mode, the device generates a log message and filters out the ARP packets from the
•
MAC address.
In monitor detection mode, the device only generates a log message.
•
If no detection mode is specified in the undo arp anti-attack source-mac command, both detection
modes are disabled.
Examples
# Enable filter-mode source MAC address based ARP attack detection
<Sysname> system-view
[Sysname] arp anti-attack source-mac filter
arp anti-attack source-mac aging-time
Syntax
arp anti-attack source-mac aging-time time
undo arp anti-attack source-mac aging-time
View
System view
Default level
2: System level
Parameters
time: Specifies the age timer for protected MAC addresses, in the range of 60 to 6000 seconds.
Description
Use arp anti-attack source-mac aging-time to configure the age timer for protected MAC addresses.
Use undo arp anti-attack source-mac aging-time to restore the default.
By default, the age timer for protected MAC addresses is 300 seconds (five minutes).
Examples
# Configure the age timer for protected MAC addresses as 60 seconds.
<Sysname> system-view
[Sysname] arp anti-attack source-mac aging-time 60
arp anti-attack source-mac exclude-mac
Syntax
arp anti-attack source-mac exclude-mac mac-address&<1- 1 0>
undo arp anti-attack source-mac exclude-mac [ mac-address&<1- 1 0> ]
View
System view
Default level
2: System level
255