No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
dns domain length check

dns domain length check

Function

The dns domain length check command enables the DNS domain name length check function.

The undo dns domain length check command disables the DNS domain name length check function.

Format

dns domain length check [ max-length max-length ] action { alert | block }

undo dns domain length check

Parameters

Parameter Description Value
max-length max-length Specifies the maximum DNS domain name length to be checked. The value is an integer ranging from 1 to 255. The default value is 64.
alert Permits the packet and generates a log if the DNS domain name is longer than the maximum length. -
block Blocks the packet and generates a log if the DNS domain name is longer than the maximum length. -

Views

Intrusion prevention profile view

Default Level

2: Configuration level

Usage Guidelines

The DNS domain name length check function is disabled by default.

After the DNS domain name length check function is enabled, the Central AP permits or blocks traffic and generates a log if the length of any domain name exceeds the specified maximum length. If no maximum length is specified, the default value 64 is used.

Example

# In the intrusion prevention profile profile1, enable the DNS domain name length check function, specify the maximum length to 255, and set the action to block.

<Huawei> system-view
[Huawei] profile type ips name profile1
[Huawei-profile-ips-profile1] dns domain length check max-length 255 action block
Translation
Download
Updated: 2019-11-21

Document ID: EDOC1100064352

Views: 201862

Downloads: 122

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next