Cisco SCE 1000 2xGBE User's Guide Page 246

  • Download
  • Add to my manuals
  • Print
  • Page
    / 490
  • Table of contents
  • TROUBLESHOOTING
  • BOOKMARKS
  • Rated. / 5. Based on customer reviews
Page view 245
Chapter 9 Identifying And Preventing Distributed-Denial-Of-Service Attacks
Monitoring Attack Filtering
SCE 1000 2xGBE Release 2.0.10 User Guide
9-14 OL-7117-02
To undo forced attack filtering for the specified situation:
Step 1 From the SCE 1000# prompt, type no attack-filter slot 0 force-
filter ip <IP-address> protocol (TCP|UDP|ICMP|other) attack-
direction (attack-source|attack-destination|both) side
(subscriber|network|both) and press Enter.
To undo all forced attack filtering:
Step 1 From the SCE 1000# prompt, type no attack-filter slot 0 force-
filter all and press Enter.
Monitoring Attack Filtering
Use these commands to monitor attack detection and filtering:
show interface linecard 0 attack-detector
show interface linecard 0 attack-filter
show interface linecard 0 attack-filter query
show interface linecard 0 attack-filter current-attacks
show interface linecard 0 attack-filter dont-filter
show interface linecard 0 attack-filter force-filter
show interface linecard 0 attack-filter subscriber-notification ports
Note
All the above CLI commands are privikeged exec commands. If in line interface configuration mode,
you must exit to the privileged exec mode and see the SCE 1000# prompt displayed
To display a specified attack detector configuration:
Step 1 From the SCE 1000# prompt, type show interface linecard 0 attack-
detector <number> and press Enter.
Page view 245
1 ... 245 246 247 ... 490

Comments to this Manuals

No comments