NETGEAR M7100-24X Switch User Manual


 
Switching Commands
196
ProSafe M4100 and M7100 Managed Switches
dos-control tcpfrag
This command enables TCP Fragment Denial of Service protection. If the mode is enabled,
Denial of Service prevention is active for this type of attack. If packets ingress having IP
Fragment Offset equal to one (1), the packets will be dropped if the mode is enabled.
Default
Format dos-control tcpfrag
Mode
no dos-control tcpfrag
This command disabled TCP Fragment Denial of Service protection.
Format no dos-control tcpfrag
Mode
dos-control tcpflag
This command enables TCP Flag Denial of Service protections. If the mode is enabled,
Denial of Service prevention is active for this type of attacks. If packets ingress having TCP
Flag SYN set and a source port less than 1024 or having TCP Control Flags set to 0 and TCP
Sequence Number set to 0 or having TCP Flags FIN, URG, and PSH set and TCP Sequence
Number set to 0 or having TCP Flags SYN and FIN both set, the packets will be dropped if
the mode is enabled.
Default
Format dos-control tcpflag
Mode
no dos-control tcpflag
This command sets disables TCP Flag Denial of Service protections.
Format no dos-control tcpflag
Mode
dos-control l4port
This command enables L4 Port Denial of Service protections. If the mode is enabled, Denial
of Service prevention is active for this type of attack. If packets ingress having Source
TCP/UDP Port Number equal to Destination TCP/UDP Port Number, the packets will be
dropped if the mode is enabled.
disabled
Global Config
Global Config
disabled
Global Config
Global Config