User guide
Appendix A
LineCard Interface Configuration Mode Commands
SCE 1000 2xGBE Release 2.0.10 User Guide
OL-7117-02 A-35
LineCard Interface Configuration Mode Commands
[no] attack-detector default
Defines default thresholds and attack handling action. If a specific attack detector is defined for a
particular situation (protocol/attack direction/side), it will override these defaults.
Use the [no] version of this command to delete the user-defined defaults. The system defaults will
then be used.
Authorization admin
Mode LineCard Interface Configuration
P
ARAMETERS
protocol TCP
UDP
IMCP
other
attack-direction attack-source
attack-destination
both
side subscriber
network
both
action report
block
open-flows Threshold for concurrently open flows
ddos-suspected-flows Threshold for DDoS-suspected flows
U
SAGE GUIDELINES
• Use the notify-subscriber keyword to enable subscriber notification.
• Use the dont-notify-subscriber keyword to disable subscriber notification.
E
XAMPLE 1:
The following example configures a default attack detector for TCP flows from the attack source.
SCE 1000(config if)#attack-detector default protocol TCP attack-direction
attack-source side both action report open-flows 500 ddos-suspected-flows 75
EXAMPLE 2:
The following example enables subscriber notification for the specified situation (protocol/attack
direction/side).
SCE 1000(config if)#attack-detector default protocol TCP attack-direction
attack-source side both notify-subscriber