Security-Suite Deny Syn - Cisco 300 Series Cli Manual
Stackable managed switches
Hide thumbs
Also See for 300 Series:
- Cli manual (899 pages) ,
- Administration manual (586 pages) ,
- Quick start manual (72 pages)
Table of Contents
Advertisement
16
367
security-suite deny martian-addresses
in the following table:
Address Block
0.0.0.0/8 (except
when 0.0.0.0/32 is
the source
address)
127.0.0.0/8
192.0.2.0/24
224.0.0.0/4 as
source
240.0.0.0/4 (except
when
255.255.255.255/3
2 is the destination
address)
Note that if the reserved addresses are included, individual reserved addresses
cannot be removed.
Example
The following example discards all packets with a source or destination address in
the block of the reserved IP addresses.
switchxxxxxx(config)#
16.4 security-suite deny syn
To block the creation of TCP connections from a specific interface, use the
security-suite deny syn Interface (Ethernet, Port Channel) Configuration mode
command. This a complete block of these connections.
To permit creation of TCP connections, use the no form of this command.
reserved
Present Use
Addresses in this block refer to source hosts
on "this" network.
This block is assigned for use as the Internet
host loopback address.
This block is assigned as "TEST-NET" for use
in documentation and example code.
This block, formerly known as the Class D
address space, is allocated for use in IPv4
multicast address assignments.
This block, formerly known as the Class E
address space, is reserved.
security-suite deny martian-addresses reserved add
OL-32830-01 Command Line Interface Reference Guide
Denial of Service (DoS) Commands
adds or removes the addresses
Advertisement
Table of Contents
