Manualshelf

HP VPN Firewall Appliances Attack Protection Command Reference

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
11121314151617181920
14
Parameters
drop-packet: Drops all subsequence connection requests to the attacked IP address.
trigger-tcp-proxy: Adds a protected IP address entry for the attacked IP address and triggers the TCP
proxy function.
Examples
# Configure the SYN flood protection policy to drop SYN flood attack packets.
<Sysname> system-view
[Sysname] attack-defense policy 1
[Sysname-attack-defense-policy-1] defense syn-flood action drop-packet
Related commands
tcp-proxy enable
defense syn-flood enable
display attack-defense policy
defense syn-flood enable
Use defense syn-flood enable to enable SYN flood attack protection.
Use undo defense syn-flood enable to restore the default.
Syntax
defense syn-flood enable
undo defense syn-flood enable
Default
SYN flood attack protection is disabled.
Views
Attack protection policy view
Default command level
2: System level
Examples
# Enable SYN flood attack protection in attack protection policy 1.
<Sysname> system-view
[Sysname] attack-defense policy 1
[Sysname-attack-defense-policy-1] defense syn-flood enable
Related commands
defense syn-flood
display attack-defense policy
defense syn-flood ip
Use defense syn-flood ip to configure the action and silence thresholds for SYN flood attack protection
of a specific IP address.