[x]

Attack detection and prevention commands > syn-ack-flood action

 

 Next

syn-ack-flood action

Use syn-ack-flood action to specify global actions against SYN-ACK flood attacks.

Use undo syn-ack-flood action to restore the default.

Syntax

syn-ack-flood action { drop | logging }*

undo syn-ack-flood action

Default

No global action is specified for SYN-ACK flood attacks.

Views

Attack defense policy view

Predefined user roles

network-admin

mdc-admin

Parameters

drop: Drops subsequent SYN-ACK packets destined for the victim IP addresses.

logging: Enables logging for SYN-ACK flood attack events.

Examples

# Specify drop as the global action against SYN-ACK flood attacks in attack defense policy atk-policy-1.

<Sysname> system-view
[Sysname] attack-defense policy atk-policy-1
[Sysname-attack-defense-policy-atk-policy-1] syn-ack-flood action drop

Related commands

syn-ack-flood detect

syn-ack-flood detect non-specific

syn-ack-flood threshold

prev

 

up

 next

signature level detect 

home

 syn-ack-flood detect

© Copyright 2018 Hewlett Packard Enterprise Development LP