Chapter 25 commands for security feature, 1 dosattack-check srcip-equal-dstip enable, 2 dosattack-check ipv4-first-fragment enable – PLANET WGSW-50040 User Manual

Commands for Security Function Chapter 6 Commands for TACACS+

Chapter 25 Commands for

Security Feature

25.1 dosattack-check srcip-equal-dstip enable

Command:

[no] dosattack-check srcip-equal-dstip enable

Function:

Enable the function by which the switch checks if the source IP address is equal to the destination

IP address; the “no” form of this command disables this function.

Default:

Disable the function by which the switch checks if the source IP address is equal to the destination

IP address.

Command Mode:

Global Mode

Usage Guide:

By enabling this function, data packet whose source IP address is equal to its destination address

will be dropped

Example:

Drop the data packet whose source IP address is equal to its destination address

Switch(config)# dosattack-check srcip-equal-dstip enable

25.2 dosattack-check ipv4-first-fragment enable

Command:

[no] dosattack-check ipv4-first-fragment enable

Function:

Enable the function by which the switch checks the first fragment packet of IPv4; the “no” form of

this command disables this function.

Command Mode:

Global Mode

Usage Guide:

This command has no effect when used separately. It should be used associating dosattack-check

tcp-flags enable or dosattack-check srcport-equal-dstport enable command.

Example: