Set dos, Syntax, Parameters – Allied Telesis AT-S63 User Manual

Chapter 17: Denial of Service (DoS) Defense Commands

228

SET DOS

Syntax

set dos ipaddress=

ipaddress

subnet=

mask

uplinkport=

port

Parameters

ipaddress

Specifies the IP address of one of the devices
connected to the switch, preferably the lowest IP
address.

subnet

Specifies the subnet mask of the LAN. A binary “1”

indicates the switch should filter on the corresponding
bit of the address, while a “0” indicates that it should
not.

uplinkport

Specifies the port on the switch that is connected to a

device (for example, a DSL router) that leads outside
the network. You can specify only one port. This
parameter is required only for the Land defense.

Description

This command is required for the SMURF and Land defenses. The
SMURF defense uses the LAN address and mask to determine the
broadcast address of your network. The Land defense uses this
information to determine which traffic is local and which is remote to your
network.

As an example, assume that the devices connected to a switch are using
the IP address range 149.11.11.1 to 149.11.11.50. The IP address would
be 149.11.11.1 and the mask would be 0.0.0.63.

Examples

The following command sets the IP address to 149.11.11.1 and the mask
to 0.0.0.63:

set dos ipaddress=149.11.11.1 subnet=0.0.0.63

The following command sets the IP address to 149.22.22.1, the mask to
0.0.0.255, and the uplink port for the Land defense to port 24:

set dos ipaddress=149.22.22.1 subnet=0.0.0.255 uplinkport=24