Korenix Technology Co., Ltd.
Industrial
Layer 3 Managed Ethernet Switch
_____________________________________________________________________________
Industrial Layer 3 Managed Ethernet SwitchUser Manual
Page: 421/1568
6.9.8.2.3 dos-control firstfrag
This command enables IP First Fragment Denial of Service protection. If the mode is enabled, Denial of
Service prevention is active for this type of attack. If packets ingress having More Fragments(MF) equal
to 1 and coorperate with other DoS options, the packets will be dropped if the mode is enabled.
Syntax
dos-control firstfrag
no dos-control firstfrag
no -
This command disabled IP First Fragment Denial of Service protection.
Default Setting
Disabled
Command Mode
Global Config
6.9.8.2.4 dos-control tcpflag
This command enables TCP Flag Denial of Service protections. If the mode is enabled, Denial of Service
prevention is active for this type of attacks. If packets ingress having TCP Flag SYN set and a source
port less than 1024 or having TCP Control Flags set to 0 and TCP Sequence Number set to 0 or having
TCP Flags FIN, URG, and PSH set and TCP Sequence Number set to 0 or having TCP Flags SYN and
FIN both set, the packets will be dropped if the mode is enabled.
Syntax
dos-control tcpflag
no dos-control tcpflag
no -
This command sets disables TCP Flag Denial of Service protections.
Default Setting
Disabled
Command Mode
Global Config