R0106-HP MSR Router Series Security Configuration Guide(V7)
478
[Router-attack-defense-policy-a1] http-flood action logging client-verify
[Router-attack-defense-policy-a1] quit
# Apply attack defense policy a1 to interface GigabitEthernet 2/1/1.
[Router] interface gigabitethernet 2/1/1
[Router-GigabitEthernet2/1/1] attack-defense apply policy a1
[Router-GigabitEthernet2/1/1] quit
# Enable HTTP client verification on interface GigabitEthernet 2/1/1.
[Router] interface gigabitethernet 2/1/1
[Router-GigabitEthernet2/1/1] client-verify http enable
[Router-GigabitEthernet2/1/1] quit
Verifying the configuration
# If an HTTP flood attack occurs, verify that the victim's IP address is added to the protected IP list for
HTTP client verification.
[Router] display client-verify http protected ip
IP address VPN instance Port Type TTL(min) Requested Trusted
192.168.1.10 -- 8080 Dynamic 30 20 12