User guide
Chapter 9 Identifying And Preventing Distributed-Denial-Of-Service Attacks
Managing Attack Filtering
SCE 1000 2xGBE Release 2.0.10 User Guide
OL-7117-02 9-13
Preventing Attack Filtering
Attack filtering can be prevented for a specified IP address/protocol by executing a dont-
filter CLI command. If filtering is already in process, it will be stopped. When attack filtering
has been stopped, it remains stopped until explicitly restored by another CLI command (either
force-filter or no dont-filter).
To prevent attack filtering for the specified situation:
Step 1 From the SCE 1000# prompt, type attack-filter slot 0 dont-filter ip
<IP-address> protocol (TCP|UDP|ICMP|other) attack-direction
(attack-source|attack-destination|both) side
(subscriber|network|both)and press Enter.
To restore automatic attack filtering for the specified situation:
Step 1 From the SCE 1000# prompt, type no attack-filter slot 0 dont-filter
ip <IP-address> protocol (TCP|UDP|ICMP|other) attack-
direction (attack-source|attack-destination|both) side
(subscriber|network|both)and press Enter.
To restore all stopped attack filtering:
Step 1 From the SCE 1000# prompt, type no attack-filter slot 0 dont-filter
all and press Enter.
Forcing Attack Filtering
Attack filtering can be forced for a specified IP address/protocol. If filtering is already in process,
it will be stopped. Forced attack filtering will continue until undone by an explicit CLI command
(either no force-filter or dont-filter).
To force attack filtering for the specified situation:
Step 1 From the SCE 1000# prompt, type attack-filter slot 0 force-filter
action (report|block) ip <IP-address> protocol
(TCP|UDP|ICMP|other) attack-direction (attack-source|attack-
destination|both) side (subscriber|network|both)[notify-subscriber] and press
Enter.