3-22
Virus Throttling (Connection-Rate Filtering)
Configuring and Applying Connection-Rate ACLs
ip-addr <
mask-length
>:
Applies the ACEs action (
filter
or
ignore
) to IP traffic having an SA
within the range
defined by either:
<
src-ip-addr
/
cidr-mask-bits
>
or
<
src-ip-addr
<
mask
>>
Use this criterion for traffic received from either a
subnet or a group of IP addresses. The mask can be in
either dotted-decimal format or CIDR format with the
number of significant bits. Refer to “Using CIDR
Notation To Enter the ACE Mask” on page 3-24.
[ udp/tcp-options ]
destination-port <
tcp-data
> [source-port <
tcp-data
>]
source-port <
tcp-data
> [destination-port <
tcp-data
>]
destination-port <
udp-data
> [source-port <
udp-data
>]
source-port <
udp-data
> [destination-port <
udp-data
>]
t
cp-data: <
operator
> <
tcp-port-#
>
udp-data: <
operator
> <
udp-port-#
>
operator: < eq | gt | lt | neq | range >
eq <
port-nbr-or-name
>:
“Equal To”; to have a
match with the ACE entry, the TCP or UDP
source-port number in a packet must be equal
to the specified port number.
gt:
<
port-nbr-or-name
>:
“Greater Than”; to have
a match with the ACE entry, the TCP or UDP
source-port number in a packet must be
greater than the specified port number.
lt <
port-nbr-or-name
>:
“Less Than”; to have a
match with the ACE entry, the TCP or UDP
source-port number in a packet must be less
than the specified port number.
neq <
port-nbr-or-name
>:
“Not Equal”; to have a
match with the ACE entry, the TCP or UDP
source-port number in a packet must not be
equal to the specified port number.
range <
start-port-nbr
/name > <
end-port-nbr/name
>:
To have a match with the ACE entry, the TCP
or UDP source-port number in a packet must
be in the range
<
start-port-nbr
/name > <
end-
port-nbr/name
>
.
Summary of Contents for E3800 Series
Page 2: ......
Page 3: ...HP Networking E3800 Switches Access Security Guide September 2011 KA 15 03 ...
Page 30: ...xxviii ...
Page 86: ...2 36 Configuring Username and Password Security Password Recovery ...
Page 186: ...4 72 Web and MAC Authentication Client Status ...
Page 364: ...8 32 Configuring Secure Shell SSH Messages Related to SSH Operation ...
Page 510: ...10 130 IPv4 Access Control Lists ACLs General ACL Operating Notes ...
Page 548: ...11 38 Configuring Advanced Threat Protection Using the Instrumentation Monitor ...
Page 572: ...12 24 Traffic Security Filters and Monitors Configuring Traffic Security Filters ...
Page 730: ...20 Index ...
Page 731: ......