For global stateful inspection commands – Netopia CLI 874 User Manual

Motorola Netopia® Router CLI Commands 2-85

Stateful Inspection Commands

See also:

■

“Stateful Inspection Configuration Commands” on page 2-32

for Ethernet inter face commands, and

■

“Stateful Inspection Commands” on page 3-21

for Connection Profile commands.

Note:

The commands in this section are suppor ted beginning with Firmware Version 8.2.

ip state-insp udp-timeout value
show ip state-insp udp-timeout

These commands allow you to specify or show the UDP timeout value for the stateful inspection feature. The
UDP timeout range is between 30 and 65535 seconds.

ip state-insp tcp-timeout value
show ip state-insp tcp-timeout

These commands allow you to specify or show the TCP timeout value for the stateful inspection feature. The
TCP timeout range is between 30 and 65535 seconds.

ip state-insp dos-detect [ yes | no ]
show ip state-insp dos-detect

Note:

These commands are suppor ted beginning with Firmware Version 8.7.

These commands allow you to set or show the status of Denial of Ser vice (DoS) detection in the stateful
inspection feature. Packets are monitored for DoS attack detection if this option is set to yes. Offending
packets maybe discarded if it is determined to be a DoS attack.

ip state-insp xposed-addr { [ser ver-list-tag star t-ip-addr end-ip-addr] }
{ [protocol star t-por t end-por t] }
no ip state-insp xposed-addr { [ser ver-list-tag] }
show ip state-insp xposed-addr abc

These commands allow you to add an entr y to the specified list, or, if list does not exist, create the list for the
stateful inspection feature. Accepted values for protocol are tcp, udp, or both. The show command allows you
to display exposed entries in the list specified by the tag. The no command removes all addresses in the list
and deletes the list.