Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual
Page 923

IPv4 Software Access Control List (ACL) Commands
Software Reference for x310 Series Switches
C613-50046-01 REV A
AlliedWare Plus
TM
Operating System - Version 5.4.4C
35.37
dos
Use this command to configure Denial-of-Service (DoS) features for a port. Six different
DoS attacks can be detected: IP Options, Land, Ping-of-Death, Smurf, Synflood and
Teardrop.
When the attack is detected, three different actions are available:
1.
Shutdown the port for one minute
2.
Cause an SNMP trap.
3.
Send traffic to the mirror port
Syntax
dos {ipoptions|land|ping-of-death|smurf broadcast <ip-address>|
synflood|teardrop} action {shutdown|trap|mirror}
Mode
Interface Configuration for a switch port interface.
Default
DoS attack detection is not configured by default on any switch port interface.
Parameter
Description
dos
Denial-Of-Service.
ipoptions
IP Options attack.
land
Land attack.
ping-of-death
Large ping attack.
smurf
Ping to broadcast address.
broadcast
Broadcast.
<ip-address>
Local IP Broadcast Address.
synflood
SYN flood attack.
teardrop
IP fragmentation attack.
action
Action.
shutdown
Shutdown port.
trap
Trap to SNMP.
mirror
Send packets to mirror port.