abnormal-packet-defend enable

Function

The abnormal-packet-defend enable command enables defense against malformed packet attacks.

The undo abnormal-packet-defend enable command disables defense against malformed packet attacks.

By default, defense against malformed packet attacks is enabled.

Format

abnormal-packet-defend enable

undo abnormal-packet-defend enable

Parameters

None

Views

Attack defense policy view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
device-mgr write

Usage Guidelines

Usage Scenario

When defense against malformed packet attacks is enabled, the interface board checks the received malformed packets (IP null payload packets, LAND attack packets, Smurf attack packets, and TCP tag bit invalid attack packets). Send the packets that pass check. Discard the packets that fail check.

In VS mode, this command is supported only by the admin VS.

Example

# Enable defense against malformed packet attacks of attack defense policy 7.
<HUAWEI> system-view
[~HUAWEI] cpu-defend policy 7
[*HUAWEI-cpu-defend-policy-7] abnormal-packet-defend enable
Parent Topic: Local Attack Defense Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >