50
854
Syntax
show security-suite syn protection interface-id
Parameters
interface-id—Specifies an interface-ID. The interface-ID can be one of the
following types: Ethernet port of Port-Channel. If this parameter is not provided,
information is displayed for all interfaces.
Command Mode
EXEC mode
Example
The following example displays the TCP SYN protection feature configuration and
current status on all interfaces. In this example, port 152 is attacked but since
there is a user-ACL on this port, it cannot become blocked so its status is
Reported and not Blocked and Reported.
switchxxxxxx# show security-suite syn protection
Protection Mode: Block
Threshold: 40 Packets Per Second
Period: 100 Seconds
Interface
Current
Name
Status
----------
---------
151
Attacked
152
Attacked
153
Attacked
Last
Attack
--------------------------------------------------
19:58:22.289 PDT Feb 19 2012
19:58:22.289 PDT Feb 19 2012
19:58:22.289 PDT Feb 19 2012 Blocked and Reported
78-21075-01 Command Line Interface Reference Guide
Denial of Service (DoS) Commands
Blocked and Reported
Reported