Verifying the configuration – H3C Technologies H3C SecBlade LB Cards User Manual
Page 270
259
# Create attack protection policy 1.
[LB] attack-defense policy 1
# Enable UDP flood attack protection.
[LB-attack-defense-policy-1] defense udp-flood enable
# Set the global action threshold that triggers UDP flood attack protection to 100 packets per second.
[LB-attack-defense-policy-1] defense udp-flood rate-threshold high 100
# Configure the policy to drop the subsequent packets after a UDP flood attack is detected.
[LB-attack-defense-policy-1] defense udp-flood action drop-packet
[LB-attack-defense-policy-1] quit
# Apply attack protection policy 1 to security zone Trust.
[LB] zone name Trust id 2
[LB-zone-Trust] attack-defense apply policy 1
# Enable the traffic statistics function for packets sourced from security zone Trust.
[LB-zone-Trust] flow-statistic enable outbound
# Enable the traffic statistics function based on packet destination IP address.
[LB-zone-Trust] flow-statistic enable destination-ip
Verifying the configuration
If you suspect that the server is under an attack, you can view the traffic statistics information on the
security zone to check whether there is an attack.
[LB-zone-Trust] display flow-statistics statistics destination-ip 10.1.1.2
Flow Statistics Information
------------------------------------------------------------
IP Address : 10.1.1.2
------------------------------------------------------------
Total number of existing sessions : 13676
Session establishment rate : 2735/s
TCP sessions : 0
Half-open TCP sessions : 0
Half-close TCP sessions : 0
TCP session establishment rate : 0/s
UDP sessions : 13676
UDP session establishment rate : 2735/s
ICMP sessions : 0
ICMP session establishment rate : 0/s
RAWIP sessions : 0
RAWIP session establishment rate : 0/s
TCP packet count : 0
TCP byte count : 0
UDP packet count : 194
UDP byte count : 12264
ICMP packet count : 0
ICMP byte count : 0
RAWIP packet count : 0
RAWIP byte count : 0
[LB-zone-Trust] display flow-statistics statistics zone trust outbound