background image

http://www.level1.com

 

                                                                                                                              Anti-Attack Configuration Commands   

- 4 - 

parameter

 

none 

Command mode 

Global configuration mode 

example 

Console_config#filter enable 

Related commands 

filter igmp 

filter arp 

1.1.7      show filter   

To display working state of the anti-attack feature of the current switch, use the show 
filter command.   

parameter 

none   

command mode

 

 

non-user mode 

 

Console#show fil 

Filter threshold: 1000 packet in any 10 seconds 

Filters blocked: 

Address                  seconds          source interface 

00a0.0c13.647d        27.0            FastEthernet1/2 

 

Filters counting: 

Address                  seconds          count    source interface 

00a0.0c43.647d          1.84          371        FastEthernet1/2 

Filters blocked: indicates MAC address of the blocked attack source, blocked time and 

source interface.   

Filters  counting:    indicates  MAC  address  of  the  attack  source,  counting  time,  the 
number of the receiving packets and the source interface.

 

Summary of Contents for Level One GTL-2091

Page 1: ...Anti Attack Configuration Commands GTL 2091 V1 0 Digital Data Communications GmbH Germany http www level1 com ...

Page 2: ... Anti Attack Configuration Commands 1 1 1 Anti Attack Configuration Commands 1 1 1 1 filter period time 1 1 1 2 filter threshold value 1 1 1 3 filter block time value 2 1 1 4 filter igmp 3 1 1 5 filter arp 3 1 1 6 filter enable 3 1 1 7 show filter 4 ...

Page 3: ... in seconds It is considered as attack when the attack source sends packets above the specified number in any filter period time default 10 seconds Command mode Global configuration mode example Console_config filter period 15 Related commands filter threshold value 1 1 2 filter threshold value To configure the filter threshold value use the filter thresholf value command parameter parameter Descr...

Page 4: ...ilter period time 1 1 3 filter block time value To configure the time to block attack resource use the filter block time value command parameter parameter description Value Time to block attack source in seconds default 300 seconds command mode global configuration mode example Console_config filter block time 600 Related commands filter period time filter threshold value ...

Page 5: ... configuration mode example Console_config filter igmp Related commands filter enable 1 1 5 filter arp To fliter ARP attack use the filter arp command parameter none Command mode physical interface configuration mode example Console_config_f0 1 filter arp Related commands filter enable 1 1 6 filter enable To enable filter feature use the filter enable command ...

Page 6: ...ter none command mode non user mode Console show fil Filter threshold 1000 packet in any 10 seconds Filters blocked Address seconds source interface 00a0 0c13 647d 27 0 FastEthernet1 2 Filters counting Address seconds count source interface 00a0 0c43 647d 1 84 371 FastEthernet1 2 Filters blocked indicates MAC address of the blocked attack source blocked time and source interface Filters counting i...

Reviews: