< Home

detect max-bytes

Function

The detect max-bytes command specifies the maximum number of bytes to be detected by the SA module.

The undo detect max-bytes command restores the maximum number of bytes detected by the SA module to the default value.

By default, the maximum number of bytes is 2048.

Format

detect max-bytes max-bytes

undo detect max-bytes

Parameters

Parameter Description Value
max-bytes Specifies the maximum number of bytes to be detected. The value is an integer ranging from 1 to 10240.

Views

SA view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

This command is used to specify the maximum number of bytes detected by the SA module to prevent certain applications from evading the detection by using small packets. In common cases, the default maximum value can meet the requirement. If the value is too large, the device performance may deteriorate. If the value is too small, the device may fail to detect certain applications.

Prerequisites

Before running this command, you must run the defence engine enable command to enable the IAE.

Example

# Set the maximum number of bytes to be detected by the SA module to 4096.

<HUAWEI> system-view
[HUAWEI] defence engine enable
[HUAWEI] sa
[HUAWEI-sa] detect max-bytes 4096
Parent Topic: ECA Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >