beautypg.com

Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 1164

background image

1156

Brocade Mobility RFS Controller CLI Reference Guide

53-1003098-01

21

no event client-anomaly

[dos-broadcast-deauth|fuzzing-all-zero-macs|fuzzing-invalid-frame-type|fuzzin

g-invalid-mgmt-frames|fuzzing-invalid-seq-num|identical-src-and-dest-addr|inv

alid-8021x-frames|netstumbler-generic|non-conforming-data|wellenreiter]

{filter-ageout <0-86400>}

no event excessive [80211-replay-check-failure|aggressive-scanning|

auth-server-failures|decryption-failures|dos-assoc-or-auth-flood|dos-eapol-st

art-storm|

dos-unicast-deauth-or-disassoc|eap-flood|eap-nak-flood|frames-from-unassoc-st

ation] {filter-ageout <0-86400>|threshold-client <0-65535>|threshold-radio

<0-65535>}

no event

Disables WIPS policy event tracking

client-anomaly

Disables client anomaly event tracking

dos-broadcast-deauth

Disables DoS broadcast deauthentication event tracking

fuzzing-all-zero-macs

Disables Fuzzing tracking: All zero MAC addresses observed

fuzzing-invalid-frame-type

Disables Fuzzing tracking: Invalid frame type detected

fuzzing-invalid-mgmt-frames

Disables Fuzzing tracking: Invalid management frame

fuzzing-invalid-seq-num

Disables Fuzzing tracking: Invalid sequence number

identical-src-and-dest-addr

Disables the tracking of identical source and destination addresses

invalid-8021x-frames

Disables Fuzzing tracking: Invalid 802.1x frames

netstumbler-generic

Disables Netstumbler (v3.2.0, 3.2.3, 3.3.0) event tracking

non-conforming-data

Disables non conforming data packet tracking

wellenreiter

Disables Wellenreiter event tracking

filter-ageout
<0-86400>

The following keywords are common to all client anomaly events:

Optional. Resets the filter expiration interval in seconds

<0-86400> – Resets a filter ageout interval from 0 - 86400 seconds

no event

Disables WIPS policy event tracking

excessive

Disables the tracking of excessive events. Excessive events consist of actions that are performed
continuously and repetitively.

80211-replay-check-failure

Disables the tracking of 802.11 replay check failure

aggressive-scanning

Disables aggressive scanning event tracking

auth-server-failures

Disables the tracking of failures reported by authentication servers

decryption-failures

Disables the tracking of decryption failures

dos-assoc-or-auth-flood

Disables DoS association or authentication flood tracking

dos-eapol-start-storm

Disables the tracking of DoS EAPOL start storms

dos-unicast-deauth-or-disass
oc

Disables DoS disassociation or deauthentication flood tracking

eap-flood

Disables the tracking of EAP floods

eap-nak-flood

Disables the tracking of EAP NAKfloods

frames-from-unassoc-station

Disables the tracking of frames from unassociated clients

filter-ageout
<0-86400>

Optional. Resets the filter expiration interval in seconds. It resets the duration for which a client is filtered.
The client is added to a ACL as a special entry and frames received from this client are dropped.

<0-86400> – Resets a filter ageout interval from 0 - 86400 seconds

See also other documents in the category Brocade Computer Accessories: