The flood-detect interval command sets the flood attack detection interval.
The undo flood-detect interval command restores the default flood attack detection interval.
By default, the flood attack detection interval is 10 seconds.
Parameter |
Description |
Value |
|---|---|---|
interval interval |
Specifies the interval for flood attack detection. |
The value is an integer that ranges from 10 to 120, in seconds. |
Usage Scenario
A flood attack occurs when an AP receives a large number of packets of the same type within a short period. As a result, the AP is flooded by too many attack packets to process service packets from authorized wireless terminals.
After the flood attack detection function is enabled, an AP counts the number of packets of the same type that it receives from a user at regular intervals. When the number exceeds a specified threshold, the AP considers that the user launches a flood attack. If the dynamic blacklist function is enabled, the user will be added to a dynamic blacklist.
Follow-up Procedure
Run the undo dynamic-blacklist disable command to enable the dynamic blacklist function.
# Set the flood attack detection interval to 120s.
<HUAWEI> system-view [HUAWEI] wlan [HUAWEI-wlan-view] ap-group name office [HUAWEI-wlan-ap-group-office] radio 0 [HUAWEI-wlan-group-radio-office/0] wids attack detect flood enable [HUAWEI-wlan-group-radio-office/0] quit [HUAWEI-wlan-ap-group-office] quit [HUAWEI-wlan-view] wids-profile name huawei [HUAWEI-wlan-wids-prof-huawei] flood-detect interval 120