User guide

Firewall command reference Firewall
iMG/RG Software Reference Manual (IPNetwork Functions)
Description This command allows you to set the time limit during which suspected SYN floods are
counted. If the number of SYN floods counted within the specified duration is greater
than the threshold set by either FIREWALL SET IDS FLOODTHRESHOLD or FIREWALL
SET IDS PORTFLOODTHRESHOLD, the suspected attacker is blocked for the
time limit specified in the command FIREWALL SET IDS DOSATTACKBLOCK.
Note: This command is an alias of the corresponding “security set IDS” command.
Options The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).

Option      Description                                                Default Value
duration    The length of time (in seconds) that suspected SYN         10
            floods are counted for.

Example --> firewall set IDS floodperiod 60
See also security set IDS floodperiod
4.3.2.0.29 FIREWALL SET IDS FLOODTHRESHOLD
Syntax FIREWALL SET IDS FLOODTHRESHOLD <MAX>
Description This command allows you to set the maximum number of SYN packets allowed before a
flood is detected. If the number of SYN packets counted within the time duration set by
the command FIREWALL SET IDS FLOODPERIOD is greater than the maximum value
set here, the suspected attacker is blocked for the time limit specified in the command
FIREWALL SET IDS DOSATTACKBLOCK.
For example, using the default settings, if more than 20 SYN packets are received per second
for a 10 second duration, the attacker is blocked.
Note: This command is an alias of the corresponding “security set IDS” command.
Options The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).

Option      Description                                                Default Value
max         Maximum number of SYN packets that can be received         20 (per second)
            before a flood is detected.
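The following Python model is an added example, not code from the manual or the device firmware; it shows how FLOODPERIOD, FLOODTHRESHOLD and DOSATTACKBLOCK interact when replayed over constructed SYN traffic. It assumes a flood is declared once one source exceeds threshold x period SYNs inside the counting window, and the block_time value and the class and function names are hypothetical.

```python
from collections import defaultdict, deque

class SynFloodCounter:
    """Model of the floodperiod / floodthreshold / DoS-block interaction.
    Assumption: a flood is declared when the SYNs from one source inside the
    last flood_period seconds exceed flood_threshold * flood_period."""

    def __init__(self, flood_period=10, flood_threshold=20, block_time=1800):
        self.flood_period = flood_period        # seconds (manual default: 10)
        self.flood_threshold = flood_threshold  # SYNs per second (manual default: 20)
        self.block_time = block_time            # seconds; constructed value, not from the manual
        self.syn_times = defaultdict(deque)     # source -> SYN timestamps still in the window
        self.blocked_until = {}                 # source -> time at which the block expires

    def on_syn(self, src, now):
        """Classify one SYN: 'blocked', 'flood' (block starts now) or 'ok'."""
        if self.blocked_until.get(src, 0) > now:
            return "blocked"
        window = self.syn_times[src]
        window.append(now)
        # Forget SYNs that have aged out of the counting period.
        while window and window[0] <= now - self.flood_period:
            window.popleft()
        if len(window) > self.flood_threshold * self.flood_period:
            self.blocked_until[src] = now + self.block_time
            window.clear()
            return "flood"
        return "ok"

def replay(events, **settings):
    """Replay (timestamp, source) SYN events; return {source: {verdict: count}}."""
    ids = SynFloodCounter(**settings)
    summary = defaultdict(lambda: {"ok": 0, "flood": 0, "blocked": 0})
    for now, src in sorted(events):
        summary[src][ids.on_syn(src, now)] += 1
    return dict(summary)

# Constructed traffic: one client at 5 SYN/s and one noisy source at 50 SYN/s,
# both for 12 seconds. Addresses come from the documentation ranges.
SAMPLE = [(t / 5, "192.0.2.10") for t in range(60)] + \
         [(t / 50, "198.51.100.7") for t in range(600)]

if __name__ == "__main__":
    for src, counts in replay(SAMPLE).items():
        print(src, counts)
    # Same traffic with the counting period from the manual's example (60 s).
    print(replay(SAMPLE, flood_period=60)["198.51.100.7"])
```

Under this reading, the noisy source is blocked after 4 seconds with the defaults, while with floodperiod 60 the same 12-second burst never crosses the limit, so a longer period requires a more sustained rate before blocking.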