NETGEAR M6100 Series Reference Manual page 567

Term
First Fragment Mode
Min TCP Hdr Size
ICMPv4 Mode
Max ICMPv4 Payload Size
ICMPv6 Mode
Max ICMPv6 Payload Size
ICMPv4 Fragment Mode
TCP Port Mode
UDP Port Mode
SIPDIP Mode
SMACDMAC Mode
TCP FIN&URG& PSH Mode
TCP Flag & Sequence Mode
TCP SYN Mode
TCP SYN & FIN Mode
M6100 Series Switches
Definition
The administrative mode of First Fragment DoS prevention. When enabled,
this causes the switch to drop packets that have a TCP header smaller then
the configured Min TCP Hdr Size.
The minimum TCP header size the switch will accept if First Fragment DoS
prevention is enabled.
The administrative mode of ICMPv4 DoS prevention. When enabled, this
causes the switch to drop ICMP packets that have a type set to ECHO_REQ
(ping) and a size greater than the configured ICMPv4 Payload Size.
The maximum ICMPv4 payload size to accept when ICMPv4 DoS protection
is enabled.
The administrative mode of ICMPv6 DoS prevention. When enabled, this
causes the switch to drop ICMP packets that have a type set to ECHO_REQ
(ping) and a size greater than the configured ICMPv6 Payload Size.
The maximum ICMPv6 payload size to accept when ICMPv6 DoS protection
is enabled.
The administrative mode of ICMPv4 Fragment DoS prevention. When
enabled, this causes the switch to drop fragmented ICMPv4 packets.
The administrative mode of TCP Port DoS prevention. When enabled, this
causes the switch to drop packets that have the TCP source port equal to the
TCP destination port.
The administrative mode of UDP Port DoS prevention. When enabled, this
causes the switch to drop packets that have the UDP source port equal to the
UDP destination port.
The administrative mode of SIP=DIP DoS prevention. Enabling this causes
the switch to drop packets that have a source IP address equal to the
destination IP address. The factory default is disabled.
The administrative mode of SMAC=DMAC DoS prevention. Enabling this
causes the switch to drop packets that have a source MAC address equal to
the destination MAC address.
The administrative mode of TCP FIN & URG & PSH DoS prevention.
Enabling this causes the switch to drop packets that have TCP flags FIN,
URG, and PSH set and TCP Sequence Number = 0.
The administrative mode of TCP Flag DoS prevention. Enabling this causes
the switch to drop packets that have TCP control flags set to 0 and TCP
sequence number set to 0.
The administrative mode of TCP SYN DoS prevention. Enabling this causes
the switch to drop packets that have TCP Flags SYN set.
The administrative mode of TCP SYN & FIN DoS prevention. Enabling this
causes the switch to drop packets that have TCP Flags SYN and FIN set.
Switching Commands
567