No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S12700 V200R013C00 Command Reference

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
flood-detect threshold

flood-detect threshold

Function

The flood-detect threshold command sets the flood attack detection threshold. A flood attack occurs when an AP receives a large number of packets of the same type within a short period.

The undo flood-detect threshold command restores the default flood attack detection threshold.

By default, the flood attack detection threshold is 500.

Format

flood-detect threshold threshold

undo flood-detect threshold

Parameters

Parameter

Description

Value

threshold threshold

Specifies the flood attack detection threshold.

The value is an integer that ranges from 1 to 1000.

Views

WIDS profile view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

A flood attack occurs when a device receives a large number of packets of the same type within a short period. As a result, the device is flooded by too many attack packets to process service packets from authorized wireless terminals.

After the flood attack detection function is enabled, a device counts the number of packets of the same type that it receives from a user at regular intervals. When the number exceeds a specified threshold, the device considers that the user launches a flood attack. If the dynamic blacklist function is enabled, the user will be added to a dynamic blacklist. If the threshold is set to a small value, the device may incorrectly add authorized users to the dynamic blacklist, causing the users unable to go online.

Follow-up Procedure

Run the dynamic-blacklist enable command to enable the dynamic blacklist function.

Example

# Set the flood attack detection threshold to 350.

<HUAWEI> system-view
[HUAWEI] wlan
[HUAWEI-wlan-view] ap-group name office
[HUAWEI-wlan-ap-group-office] radio 0
[HUAWEI-wlan-group-radio-office/0] wids attack detect enable flood
[HUAWEI-wlan-group-radio-office/0] quit
[HUAWEI-wlan-ap-group-office] quit
[HUAWEI-wlan-view] wids-profile name huawei
[HUAWEI-wlan-wids-prof-huawei] flood-detect threshold 350
Translation
Download
Updated: 2019-04-09

Document ID: EDOC1100065659

Views: 125935

Downloads: 88

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next