3Com Switch 8800 Family Firewall Module Configuration and Command Reference Guide
164 CHAPTER 10: ATTACK PREVENTION AND PACKET STATISTICS
Displaying and
Debugging Packet
Statistics
You can execute the display command in any view and the reset command in
user view.
Configuring an SMTP
Client
The Firewall module supports SMTP client functions, which can create and send
mails to the specified address at a predefined time. Timed mails can provide the
administrator with firewall information on attacks and defends, traffic alarms, web
page filtering and mail filtering. This enables the administrator informed of firewall
statistics, and improves firewall flexibility and maintainability significantly.
n
Normal SMTP client operation relies on the name resolution by the DNS client
(DNSC). For DNSC configuration, see section
“Configuring DNS Client”
“Configuring DNS Client”.
Configuring Mail
Triggering Time
This is to specify the time that the firewall triggers mails.
Perform the following configurations in system view.
By default, no mail triggering time is configured.
Enable the debugging of Ping of Death attack
prevention
debugging firewall defend ping-of-death
Enable the debugging of TearDrop attack
prevention
debugging firewall defend teardrop
Enable the debugging of TCP flag validity
detection attack prevention
debugging firewall defend tcp-flag
Enable the debugging of IP fragmentation
packet detection attack prevention
debugging firewall defend ip-fragment
Enable the debugging of large ICMP packet
attack prevention
debugging firewall defend large-icmp
Table 187 Display and debug attack prevention
Operation Command
Tabl e 188 Displaying packet statistics
Operation Command
Display statistics of the firewall display firewall statistic { system | zone
zone-name { inzone | outzone } | ip ip-address {
source-ip | destination-ip | both } }
Display the statistics of the firewall display firewall statistic system [ defend |
flow-percent ]
Clear the statistics of the firewall reset firewall statistic system [ defend | current ]
Clear the zone statistics of the firewall reset firewall statistic zone zone-name { inzone |
outzone }
Clear the IP statistics of the firewall reset firewall statistic ip ip-address { source-ip |
destination-ip | both }
Tabl e 189 Configure mail triggering time
Operation Command
Configure mail triggering time. smtpc trigger time hh:mm
Cancel the configured mail triggering time. undo smtpc trigger { all | time hh:mm }