No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CLI-based Configuration Guide - Security

AR100, AR120, AR150, AR160, AR200, AR1200, AR2200, AR3200, and AR3600 V200R010

This document provides the basic concepts, configuration procedures, and configuration examples in different application scenarios of the network management feature supported by the device.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Setting the Parameters for Flood Attack Defense

Setting the Parameters for Flood Attack Defense

Context

When configuring Flood attack defense, specify the zones or IP addresses to be protected; otherwise, the attack defense parameters are invalid. You can also specify the maximum session rate. When the session rate exceeds the limit, the firewall considers that an attack occurs and takes measures.

Flood attack defense parameters configured for an IP address take precedence over those configured for a zone. If Flood attack defense is configured for both a specified IP address and the zone where the IP address resides, the configuration for the IP address takes effect. If you delete the attack defense configuration for the IP address, the attack defense configuration for the zone takes effect.

Steps 2-4 are optional and can be performed in any sequence. You can perform any of these steps as required.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run firewall defend icmp-flood { ip ip-address [ vpn-instance vpn-instance-name ] | zone zone-name } [ max-rate rate-value ]

    The parameters for ICMP Flood attack defense are set.

    By default, the maximum session rate for Flood attacks is 1000 pps.

  3. Run firewall defend syn-flood { ip ip-address [ vpn-instance vpn-instance-name ] | zone zone-name } [ max-rate rate-value ] [ tcp-proxy { auto | off | on } ]

    The parameters for SYN Flood attack defense are set.

    By default, the maximum session rate for Flood attacks is 1000 pps.

  4. Run firewall defend udp-flood { ip ip-address [ vpn-instance vpn-instance-name ] | zone zone-name } [ max-rate rate-value ]

    The parameters for UDP Flood attack defense are set.

    By default, the maximum session rate for Flood attacks is 1000 pps.

Translation
Download
Updated: 2019-08-07

Document ID: EDOC1100034077

Views: 127961

Downloads: 231

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next