HP VPN Firewall Appliances Attack Protection Command Reference
arp anti-attack source-mac
Use arp anti-attack source-mac to enable source MAC-based ARP attack detection and specify a
handling method.
Use undo arp anti-attack source-mac to restore the default.
Syntax
arp anti-attack source-mac { filter | monitor }
undo arp anti-attack source-mac [ filter | monitor ]
Default
Source MAC-based ARP attack detection is disabled.
Views
System view
Default command level
2: System level
Parameters
filter: Generates log messages and discards subsequent ARP packets from the MAC address.
monitor: Generates log messages only.
Usage guidelines
This function enables the router to count the ARP packets received from the same source MAC address
within 5 seconds and compare the count against a specific threshold. If the threshold is exceeded, the
router handles the attack using the configured method.
If neither the filter nor the monitor keyword is specified in the undo arp anti-attack source-mac command,
both handling methods are disabled.
Examples
# Enable source MAC-based ARP attack detection and specify the filter handling method.
<Sysname> system-view
[Sysname] arp anti-attack source-mac filter
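The following Python model is an added illustration, not HP code or device output, of how the filter and monitor handling methods differ once a source MAC address exceeds the threshold within the 5-second window. The threshold value, the fixed-window counting, the single log message per entry, and the MAC addresses are assumptions made for the example; the 300-second age time is the default of the arp anti-attack source-mac aging-time command.

```python
from dataclasses import dataclass, field

WINDOW = 5          # seconds, from the usage guidelines
AGING_TIME = 300    # seconds, default age time of an attack entry
THRESHOLD = 30      # constructed value; this page does not state the threshold

@dataclass
class SourceMacDetector:
    mode: str                                        # "filter" or "monitor"
    window_start: dict = field(default_factory=dict) # mac -> start of counting window
    count: dict = field(default_factory=dict)        # mac -> packets in current window
    entries: dict = field(default_factory=dict)      # mac -> time the attack entry ages out
    log: list = field(default_factory=list)          # (time, mac) log messages

    def receive(self, mac: str, now: float) -> bool:
        """Return True if the ARP packet is accepted, False if it is discarded."""
        if mac in self.entries and now >= self.entries[mac]:
            del self.entries[mac]                    # attack entry has aged out
        if mac in self.entries:
            # An entry exists: filter discards subsequent packets, monitor does not.
            return self.mode != "filter"
        # Assumption: a fixed 5-second window that restarts once it has elapsed.
        if mac not in self.window_start or now - self.window_start[mac] >= WINDOW:
            self.window_start[mac] = now
            self.count[mac] = 0
        self.count[mac] += 1
        if self.count[mac] > THRESHOLD:
            self.entries[mac] = now + AGING_TIME     # create the attack entry
            self.log.append((now, mac))              # both methods generate a log message
        return True

def replay(mode, packets):
    """Feed (time, mac) tuples to a detector; return (accepted count, log)."""
    det = SourceMacDetector(mode)
    accepted = sum(det.receive(mac, t) for t, mac in packets)
    return accepted, det.log

# Constructed traffic: one host sends 40 ARP packets in 4 seconds, another sends 3.
FLOOD = [(i / 10, "0000-5e00-5301") for i in range(40)]
NORMAL = [(float(t), "0000-5e00-5302") for t in (1, 2, 3)]

if __name__ == "__main__":
    for mode in ("filter", "monitor"):
        accepted, log = replay(mode, sorted(FLOOD + NORMAL))
        print(mode, "accepted:", accepted, "logged:", [mac for _, mac in log])
```

In this model both methods log the offending MAC address once, but only filter stops its later packets, and it resumes accepting them after the entry ages out.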
arp anti-attack source-mac aging-time
Use arp anti-attack source-mac aging-time to configure the age time for source MAC-based ARP attack
detection entries.
Use undo arp anti-attack source-mac aging-time to restore the default.
Syntax
arp anti-attack source-mac aging-time time
undo arp anti-attack source-mac aging-time
Default
The age time for ARP attack entries is 300 seconds (5 minutes).