629
undo icmp-flood detect non-specific
Default
ICMP flood attack detection is not enabled for non-specific IPv4 addresses.
Views
Attack defense policy view
Predefined user roles
network-admin
Usage guidelines
This command enables global ICMP flood attack detection. It applies to all IP addresses except for those
specified by the icmp-flood detect ip command. The system uses the global trigger threshold set by the
icmp-flood threshold command and global actions specified by the icmp-flood action command.
Examples
# Enable ICMP flood attack detection for non-specific IPv4 addresses in attack defense policy
atk-policy-1.
<Sysname> system-view
[Sysname] attack-defense policy atk-policy-1
[Sysname-attack-defense-policy-atk-policy-1] icmp-flood detect non-specific
Related commands
• icmp-flood action
• icmp-flood detect ip
• icmp-flood threshold
icmp-flood threshold
Use icmp-flood threshold to set the global threshold for triggering ICMP flood attack prevention.
Use undo icmp-flood threshold to restore the default.
Syntax
icmp-flood threshold threshold-value
undo icmp-flood threshold
Default
The global threshold is 1000 for triggering ICMP flood attack prevention.
Views
Attack defense policy view
Predefined user roles
network-admin
Parameters
threshold-value: Specifies the threshold for triggering ICMP flood attack prevention. The value range is 1
to 1000000 in units of ICMP packets sent to an IP address per second.
To Next Page
Loading...
Need help?
General
