Amer Networks WLO220T CLI User Manual

C O M M A N D D E S C R I P T I O N S

zone

2

98

CLI Reference Guide

ip-unknown-opt

Turns on the detection of IP packets with bad or malformed options. The default setting is on
(so that packets with unknown IP options will be dropped).

reject-reset-limit

Configures the maximum rate at which the device will send TCP resets (and ICMP unreach-
ables) per source zone. The default value is 5000. Valid values are 0 to 16777214. Use the
corresponding unset zone command to reset this value back to the default value of 5000.

reverse-route-check

Verify ingress interface against routing table. The default setting is on (does not take effect in
transparent mode). The default setting is on.

source-hold-down seconds

The seconds value can be from 2-3600. The default setting is on.

syn-fin

Drop TCP packets with both SYN and FIN set. The default setting is on.

syn-flood

Rate limit TCP SYN packets per IP. Use the corresponding unset zone command to set an
“unlimited” rate. The default setting is on.

syn-frag

Drop fragmented TCP SYN packets. The default setting is on.

tcp-no-flag

Drop TCP packets with no flag bits set. The default setting is on.

udp-flood

Rate limit of UDP packets. Use the corresponding unset zone command to set an “unlimited”
rate. Valid values are 0-16777214 per record. The default setting is “unlimited”.

all

get zone all [ ... ]

all

Displays information on all existing zones.

block

set zone zone block

unset zone zone block

block

Imposes intra-zone traffic blocking.