Motorola Netopia® Router CLI Commands 2-85

Stateful Inspection Commands

See also:

“Stateful Inspection Configuration Commands” on page 2-32 for Ethernet interface commands, and

“Stateful Inspection Commands” on page 3-21 for Connection Profile commands.

Note: The commands in this section are supported beginning with Firmware Version 8.2.

ip state-insp udp-timeout value show ip state-insp udp-timeout

These commands allow you to specify or show the UDP timeout value for the stateful inspection feature. The UDP timeout range is between 30 and 65535 seconds.

ip state-insp tcp-timeout value show ip state-insp tcp-timeout

These commands allow you to specify or show the TCP timeout value for the stateful inspection feature. The TCP timeout range is between 30 and 65535 seconds.

ip state-insp dos-detect [ yes no ] show ip state-insp dos-detect

Note: These commands are supported beginning with Firmware Version 8.7.

These commands allow you to set or show the status of Denial of Service (DoS) detection in the stateful inspection feature. Packets are monitored for DoS attack detection if this option is set to yes. Offending packets maybe discarded if it is determined to be a DoS attack.

ip state-inspxposed-addr{ [server-list-tag start-ip-addr end-ip-addr] }

{[protocol start-port end-port] }

no ip state-insp xposed-addr { [server-list-tag] } show ip state-insp xposed-addr abc

These commands allow you to add an entry to the specified list, or, if list does not exist, create the list for the stateful inspection feature. Accepted values for protocol are tcp, udp, or both. The show command allows you to display exposed entries in the list specified by the tag. The no command removes all addresses in the list and deletes the list.

Page 97
Image 97
Netopia CLI 874 manual Stateful Inspection Commands