firewall set IDS
49
Model 3231 CLI Reference Guide
5 • Firewall Commands
firewall set IDS
Configure the firewall Intrusion Detection Service (IDS) feature.
Table 31. firewall set IDS
Command
Explanation
firewall set IDS DOSattackblock
<duration>
Set the length of time (in seconds) that
the firewall blocks suspicious hosts for
once a DOS attack attempt has been
detected by the firewall.
MaxICMP
<max>
Set the maximum number (per second) of
ICMP packets that are allowed before
an ICMP Flood attempt is detected.
MaxPING
<max>
Set the maximum number (per second) of
pings that are allowed before an Echo
Storm attempt is detected.
MaxTCPopenhandshake <max>
Set the maximum number of unfinished
TCP handshaking sessions per second
that are allowed by the firewall before a
SYN Flood is detected.
SCANattackblock
<duration>
Set the length of time (in seconds) that
the firewall blocks all suspicious hosts for
after it has detected scan activity on the
firewall.
blacklist
clear
Clear blacklisting of an external host.
disable
Disable blacklisting of an external host if
IDS has detected an intrusion from that
host.
enable
Enable blacklisting of an external host if
IDS has detected an intrusion from that
host.
victimprotection
disable
Disable the victim protection feature.
enable
Protect the victim from an attempted
spoofing attack.