R3303-HP HSR6800 Routers Security Command Reference
472
Syntax
tcp state { closing | established | fin-wait-1 | fin-wait-2 | last-ack | syn-received } connection-number
number
undo tcp state { closing | established | fin-wait-1 | fin-wait-2 | last-ack | syn-received }
connection-number
Default
The maximum number of TCP connections in each state is 5.
Views
System view
Default command level
2: System level
Parameters
closing: Specifies the CLOSING state of a TCP connection.
established: Specifies the ESTABLISHED state of a TCP connection.
fin-wait-1: Specifies the FIN_WAIT_1 state of a TCP connection.
fin-wait-2: Specifies the FIN_WAIT_2 state of a TCP connection.
last-ack: Specifies the LAST_ACK state of a TCP connection.
syn-received: Specifies the SYN_RECEIVED state of a TCP connection.
connection-number number: Specifies the maximum number of TCP connections in a certain state, in the
range of 0 to 500.
Usage guidelines
You must enable the protection against Naptha attack before executing this command. Otherwise, an
error is prompted.
You can configure the maximum number of TCP connections in each state.
If the maximum number of TCP connections in a state is 0, the aging of TCP connections in this state is
not accelerated.
Examples
# Set the maximum number of TCP connections in ESTABLISHED state to 100.
<Sysname> system-view
[Sysname] tcp anti-naptha enable
[Sysname] tcp state established connection-number 100
Related commands
tcp anti-naptha enable
tcp syn-cookie enable
Use tcp syn-cookie enable to enable the SYN Cookie feature to protect the device against SYN Flood
attacks.
Use undo tcp syn-cookie enable to disable the SYN Cookie feature.