Chapter 9 Identifying And Preventing Distributed-Denial-Of-Service Attacks
Monitoring Attack Filtering
SCE 1000 2xGBE Release 2.0.10 User Guide
9-14 OL-7117-02
To undo forced attack filtering for the specified situation:
Step 1 From the SCE 1000# prompt, type no attack-filter slot 0 force-
filter ip <IP-address> protocol (TCP|UDP|ICMP|other) attack-
direction (attack-source|attack-destination|both) side
(subscriber|network|both) and press Enter.
To undo all forced attack filtering:
Step 1 From the SCE 1000# prompt, type no attack-filter slot 0 force-
filter all and press Enter.
Monitoring Attack Filtering
Use these commands to monitor attack detection and filtering:
• show interface linecard 0 attack-detector
• show interface linecard 0 attack-filter
• show interface linecard 0 attack-filter query
• show interface linecard 0 attack-filter current-attacks
• show interface linecard 0 attack-filter dont-filter
• show interface linecard 0 attack-filter force-filter
• show interface linecard 0 attack-filter subscriber-notification ports
Note
All the above CLI commands are privikeged exec commands. If in line interface configuration mode,
you must exit to the privileged exec mode and see the SCE 1000# prompt displayed
To display a specified attack detector configuration:
Step 1 From the SCE 1000# prompt, type show interface linecard 0 attack-
detector <number> and press Enter.
Comments to this Manuals