D-Link DES-3200 Switch User Manual


 
xStack® DES-3200 Series Layer 2 Ethernet Managed Switch CLI Reference Guide
config dos_prevention dos_type
Purpose
This command is used to discard the L3 control packets sent to the CPU
from specific ports.
Syntax
config dos_prevention dos_type [ {land_attack | blat_attack | smurf_attack | tcp_null_scan | tcp_xmascan | tcp_synfin | tcp_syn_srcport_less_1024} (1) | all ] {action [ drop | mirror <port> {priority <value 0-7> | rx_rate [ no_limit | <value 64-1024000> ] } ] | state [ enable | disable ] } (1)
Description
This command is used to configure the prevention of DoS attacks, and
includes state and action. Packet matching is performed by the
hardware. For a specific type of attack, the content of the packet,
regardless of the receiving port or destination port, will be matched against
a specific pattern.
Parameters
dos_type - The type of DoS attack. Possible values are as follows:
land_attack
blat_attack
smurf_attack
tcp_null_scan
tcp_xmascan
tcp_synfin
tcp_syn_srcport_less_1024
state - Enable or disable DoS prevention.
By default, prevention is enabled for all types of DoS attack except
tcp_syn_srcport_less_1024.
action - When enabling DoS prevention, the following actions can be
taken.
drop – Drop the attack packets.
mirror – Mirror the packet to another port for further processing.
priority – Change the packet priority on the Switch to a value from 0 to 7.
If the priority is not specified, the original priority will be used.
rx_rate – Controls the rate of the received DoS attack packets.
If not specified, the default action is drop.
Restrictions
Only Administrator-level users can issue this command.
Example usage
To configure land attack and blat attack prevention:
DES-3200-28:4# config dos_prevention dos_type land_attack blat_attack state enable action drop
Command: config dos_prevention dos_type land_attack blat_attack state enable action drop
Success.
DES-3200-28:4#
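The following is an added example, not part of the D-Link manual: a small Python audit that replays config dos_prevention lines from a saved configuration over the defaults stated above and reports every DoS type that does not end up enabled with action drop. It assumes the saved lines use the same form as the Example usage command and that each command changes only the settings it names; the function names and the sample configuration are constructed for illustration.

```python
# Added example; SAMPLE at the bottom is constructed input, not from the manual.
DOS_TYPES = ["land_attack", "blat_attack", "smurf_attack", "tcp_null_scan",
             "tcp_xmascan", "tcp_synfin", "tcp_syn_srcport_less_1024"]
RANGES = {"priority": (0, 7), "rx_rate": (64, 1024000)}  # from the Syntax entry

def apply_line(policy, line):
    """Apply one 'config dos_prevention dos_type ...' line to the policy dict."""
    tok = line.split()
    if tok[:3] != ["config", "dos_prevention", "dos_type"]:
        return  # unrelated configuration line
    rest, types, change = tok[3:], [], {}
    while rest and (rest[0] in DOS_TYPES or rest[0] == "all"):
        name = rest.pop(0)
        types += DOS_TYPES if name == "all" else [name]
    if not types:
        raise ValueError("no valid dos_type in: " + line)
    while rest:  # option order is not enforced, only names and value ranges
        key = rest.pop(0)
        arg = rest.pop(0) if rest else None
        if key == "state" and arg in ("enable", "disable"):
            change["state"] = arg == "enable"
        elif key == "action" and arg == "drop":
            change["action"] = "drop"
        elif key == "action" and arg == "mirror" and rest:
            change["action"] = "mirror " + rest.pop(0)
        elif key in RANGES and change.get("action", "").startswith("mirror"):
            lo, hi = RANGES[key]
            ok = arg is not None and arg.isdigit() and lo <= int(arg) <= hi
            if not ok and (key, arg) != ("rx_rate", "no_limit"):
                raise ValueError(f"{key} {arg} out of range in: {line}")
        else:
            raise ValueError(f"unexpected token {key!r} in: {line}")
    for t in types:
        policy[t].update(change)

def audit(config_text):
    """Return the DoS types whose effective setting is not 'enabled, drop'."""
    # Manual defaults: all enabled except tcp_syn_srcport_less_1024; action drop.
    policy = {t: {"state": t != "tcp_syn_srcport_less_1024", "action": "drop"}
              for t in DOS_TYPES}
    for line in config_text.splitlines():
        apply_line(policy, line)
    return {t: p["action"] if p["state"] else "disabled"
            for t, p in policy.items() if not p["state"] or p["action"] != "drop"}

SAMPLE = """config dos_prevention dos_type land_attack blat_attack state enable action drop
config dos_prevention dos_type tcp_xmascan action mirror 5 priority 7 rx_rate 1024
config dos_prevention dos_type smurf_attack state disable"""
```

Calling audit(SAMPLE) lists smurf_attack and tcp_syn_srcport_less_1024 as disabled and tcp_xmascan as mirrored to port 5 rather than dropped.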
enable dos_prevention trap_log
Purpose
Used to enable a DoS prevention trap/log.
Syntax
enable dos_prevention trap_log
Description
This command is used to send traps and logs when a DoS attack event
occurs. The event will be logged only when the action is specified as