User's Manual

369
packet threshold equals to 3/4 of the
attack filter packet threshold
Switch_config# filter shutdown-action Sets shutdown of the port when
detecting the attack source in raw
mode.
49.3.1 Configuring the Attack Prevention Type
In global and interface configuration mode, use the following command to configure the type of attack filter.
Command Purpose
Switch# config Enters the global configuration mode.
Switch_config# filter dhcp Enables DHCP packet attack filter in
the global configuration mode.
Switch_config# filter icmp Enables ICMP packet attack filter.
Switch_config#
filter
icmpv6
Enables ICMPv6 packet
attack detection.
Switch_config# filter igmp Enables IGMP packet attack filter.
Switch_config# filter ip source-ip Enables IP attack filter in the global
configuration mode.
Switch_config# interface intf-name Enters the interface configuration
mode.
Switch_config_intf# filter arp Enables ARP packet attack filter on the
interface.
Switch_config_intf# filter bpdu Enables BPDU packet attack filter on
the interface.
Switch_config_intf# filter dhcp Enables DHCP packet attack filter on
the interface.
Switch_config_intf# filter icmp Enables ICMP packet attack filter on
the interface.
Switch_config_intf#
filter
icmpv6
Enables ICMPv6 packet
attack detection on the
interface.
Switch_config_intf# filter ip source-ip Enables IP packet attack filter on the
interface.
Note:
ARP attack takes the combination "the host mac address + the source port" as an attack source.
That is to say, packets with the same MAC address but coming from different ports, the count
will not be accumulated. Both the IGMP attack and IP attack take the host’s IP address and
source port as the attack source.