Manualshelf

HP MSR2000/3000/4000 Router Series Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router
341342343344345346347348349350
332
tcp syn-check
Use tcp syn-check to configure ASPF to drop any non-SYN packet that is the first packet over a TCP
connection.
Use undo tcp syn-check to restore the default.
Syntax
tcp syn-check
undo tcp syn-check
Default
ASPF does not drop any non-SYN packet that is the first packet over a TCP connection.
Views
ASPF policy view
Predefined user roles
network-admin
Usage guidelines
An ASPF supports first packet inspection for TCP connection. If the first packet over a TCP connection is
not a SYN packet, the ASPF permits or discards the packet as configured.
Examples
# Configure ASPF policy 1 to drop any non-SYN packet that is the first packet over a TCP connection.
<Sysname> system-view
[Sysname] aspf policy 1
[Sysname-aspf-policy-1] tcp syn-check
Related commands
aspf policy