F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Attack Protection Configuration Guide-6PW100
[Firewall] blacklist ip 192.168.1.4 timeout 50
Verifying the configuration
Use the display blacklist all command to display the added blacklist entries.
[Firewall] display blacklist all
Blacklist information
-------------------------------------------------------------------------
Blacklist : enabled
Blacklist items : 2
------------------------------------------------------------------------------
IP              Type   Aging started       Aging finished      Dropped packets
                       YYYY/MM/DD hh:mm:ss YYYY/MM/DD hh:mm:ss
5.5.5.5         manual 2008/04/09 16:02:20 Never               0
192.168.1.4     manual 2008/04/09 16:02:26 2008/04/09 16:52:26 0
After the configuration takes effect, Firewall should:
• Always drop packets from Host D, unless you delete Host D's IP address from the blacklist by using
the undo blacklist ip 5.5.5.5 command.
• Drop packets received from Host C for 50 minutes.
• Forward packets received from Host C normally after the 50 minutes have elapsed.
Traffic statistics configuration example
Network requirements
As shown in Figure 43, configure traffic statistics in security zone Trust, and configure UDP flood attack
protection to protect the internal server against UDP flood attacks.
Figure 43 Network diagram
Configuration procedure
# Assign IP addresses to the interfaces and add the interfaces to security zones. (Details not shown.)
# Create attack protection policy 1.
<Firewall> system-view
[Firewall] attack-defense policy 1
# Enable UDP flood attack protection.