No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
dns request-type check

dns request-type check

Function

The dns request-type check command enables DNS request packet type detection.

The undo dns request-type check command disables DNS request packet type detection.

Format

dns request-type check { start-type [ to end-type ] action | default-action } { alert | allow | block }

undo dns request-type check { all | start-type [ to end-type ] }

Parameters

Parameter Description Value
start-type end-type Indicates the query type of a DNS packet. The value is an integer ranging from 0 to 65535. The value of end-type must be no smaller than that of start-type.
action Indicates the action. -
default-action Indicates the default action. -
allow The packet is permitted. -
alert The packet is permitted, and a log is recorded. -
block The packet is blocked, and a log is recorded. -
all Indicates all query types. -

Views

Intrusion prevention profile view

Default Level

2: Configuration level

Usage Guidelines

To detect all query types, set a default action (default-action).

You can also detect a specified query type. When the DNS packet query type is as specified, the corresponding processing action is implemented. The default processing action applies to other query types.

By default, this function is disabled.

Example

# In IPS profile profile1, enable DNS packet query type detection and set the default action to block.

<Huawei> system-view
[Huawei] profile type ips name profile1
[Huawei-profile-ips-profile1] dns request-type check default-action block
Translation
Download
Updated: 2019-11-21

Document ID: EDOC1100064352

Views: 208187

Downloads: 122

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next