User guide
Firewall command reference Firewall
iMG/RG Software Reference Manual (IPNetwork Functions)
Example --> firewall set IDS scanperiod 90
See also security set IDS scanperiod
4.3.2.0.32 FIREWALL SET IDS SCANTHRESHOLD
Syntax FIREWALL SET IDS SCANTHRESHOLD <MAX>
Description This command allows you to set the maximum number of scanning packets that can be
received before a port scan is detected. If the number of scanning packets counted within
the time duration set by the command FIREWALL SET IDS SCANPERIOD is greater than
the maximum value set here, the suspected attacker is blocked for the time limit specified
in the command FIREWALL SET IDS SCANATTACKBLOCK.
For example, using the default settings, if more than 5 scanning packets are received per
second for a 60 second duration, the attacker is blocked.
Note: This command is an alias of the corresponding “security set IDS” command.
Options The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).
Example --> firewall set IDS scanthreshold 8
See also security set IDS scanthreshold
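The interaction of scanperiod, scanthreshold and scanattackblock described above, as an added example that is not code from the manual or the device firmware. It assumes a per-source sliding window and reads the threshold as a per-second rate over the whole period (5 x 60 = 300 packets with the defaults); the class, function names, addresses and the block time of 600 seconds are constructed for illustration.

```python
from collections import defaultdict, deque

class ScanDetector:
    """Toy model of the counters behind scanperiod/scanthreshold/scanattackblock."""

    def __init__(self, scanperiod, scanthreshold, scanattackblock):
        self.period = scanperiod
        # Assumed reading of "5 (per second)": packets allowed per whole period.
        self.limit = scanthreshold * scanperiod
        self.block_time = scanattackblock
        self.seen = defaultdict(deque)   # source -> packet times inside the window
        self.blocked_until = {}          # source -> time the block expires

    def packet(self, src, t):
        """Count one scanning-type packet; return 'blocked', 'detected' or 'counted'."""
        if self.blocked_until.get(src, 0) > t:
            return "blocked"
        window = self.seen[src]
        window.append(t)
        while window[0] <= t - self.period:   # drop packets older than scanperiod
            window.popleft()
        if len(window) > self.limit:
            self.blocked_until[src] = t + self.block_time
            window.clear()
            return "detected"
        return "counted"

def replay(detector, trace):
    """Return {source: time of first detection} for (time, source) packets."""
    first = {}
    for t, src in sorted(trace):
        if detector.packet(src, t) == "detected":
            first.setdefault(src, t)
    return first

def constant_rate(src, pps, seconds):
    """Build a constructed trace: one source sending pps packets every second."""
    return [(i / pps, src) for i in range(pps * seconds)]

# Constructed trace: two sources sending scanning-type packets for 120 seconds.
TRACE = constant_rate("192.0.2.10", 8, 120) + constant_rate("192.0.2.20", 4, 120)

if __name__ == "__main__":
    # scanattackblock=600 is a constructed value; the page does not give its default.
    for period, threshold in [(60, 5), (90, 5), (60, 8)]:
        hits = replay(ScanDetector(period, threshold, 600), TRACE)
        print(f"scanperiod={period} scanthreshold={threshold}: {hits}")
```

Under these assumptions, lengthening scanperiod delays the first detection of the same traffic, and raising scanthreshold to the rate a source is already sending at means that source is no longer flagged.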
4.3.2.0.33 FIREWALL SHOW IDS
Syntax FIREWALL SHOW IDS
Description This command displays the following information about IDS settings:
• IDS enabled status (true or false)
• Blacklist status (true or false)
Options for FIREWALL SET IDS SCANPERIOD:
Option     Description                                     Default Value
duration   The length of time (in seconds) that            60 (seconds)
           scanning type traffic is counted for.

Options for FIREWALL SET IDS SCANTHRESHOLD:
Option     Description                                     Default Value
max        Maximum number of scanning packets that can     5 (per second)
           be received before a port scan attack is
           detected.