Patton electronic 3231 rewall set IDS

firewall set IDS 49

Model 3231 CLI Reference Guide 5 • Firewall Commands

ﬁrewall set IDS

Conﬁgure the ﬁrewall Intrusion Detection Service (IDS) feature.

Table 31. ﬁrewall set IDS

Command Explanation

ﬁrewall set IDS DOSattackblock <duration> Set the length of time (in seconds) that

the ﬁrewall blocks suspicious hosts for

once a DOS attack attempt has been

detected by the ﬁrewall.

MaxICMP <max> Set the maximum number (per second) of

ICMP packets that are allowed before

an ICMP Flood attempt is detected.

MaxPING <max> Set the maximum number (per second) of

pings that are allowed before an Echo

Storm attempt is detected.

MaxTCPopenhandshake <max> Set the maximum number of unﬁnished

TCP handshaking sessions per second

that are allowed by the ﬁrewall before a

SYN Flood is detected.

SCANattackblock <duration> Set the length of time (in seconds) that

the ﬁrewall blocks all suspicious hosts for

after it has detected scan activity on the

ﬁrewall.

blacklist clear Clear blacklisting of an external host.

disable Disable blacklisting of an external host if

IDS has detected an intrusion from that

host.

enable Enable blacklisting of an external host if

IDS has detected an intrusion from that

host.

victimprotection disable Disable the victim protection feature.

enable Protect the victim from an attempted

spooﬁng attack.

Contents

Main Model 3231 Industrial Ethernet Extender with CLI Reference Guide LCD Summary Table of Contents Table of Contents Page Page Page Page Page About this guide Audience Structure Using the CLI Precautions CAUTION Convention Meaning Table 1. General conventions IMPORTANT Page alarm all alarmStatus Set the alarm state for all alarms. alarm set <index> alarmSeverity Set the index for the severity level of an alarm. alarm set <index> alarmStatus Set the index for the status level of an alarm. alarm show Show alarm status. alarm show Show alarm status. Example Output: alarm show Table 5. alarm show Chapter 2 Bridge Commands Page Page Page Page Page bridge list interfaces List bridge interfaces. bridge list interfaces List bridge interfaces. Example Output: bridge list interfaces Table 11. bridge list interfaces bridge set Congure bridge attributes. bridge show 26 Model 3231 CLI Reference Guide 2 Bridge Commands bridge show Display bridge/interface settings. Example Output: bridge show Example Output: bridge show interface br1 Table 13. bridge show Page cpecong action cpecong set cpecong show Chapter 4 Ethernet Commands Page Page Page ethernet list ethernet set transport Set port of an existing ethernet transport. ethernet show transport Chapter 5 Firewall Commands rewall add policy Add a rewall policy. rewall add portlter Add a port lter to a rewall policy. Page rewall add validator rewall clear Delete all rewall policies or portlters from an existing conguration. rewall delete Delete a rewall policy or portlter from an existing conguration rewall disable Disable rewall features. rewall enable Enable rewall features. rewall list Show information about specic rewall features. Example Output: rewall list policies Example Output: rewall list portlters pex_in firewall list 48 Example Output: rewall list protocol Example Output: rewall list validators pdmz_in rewall set IDS Congure the rewall Intrusion Detection Service (IDS) feature. rewall set securitylevel Set the desired level of security for the rewall. rewall set validator rewall show Display information about a rewall setting. Example Output: rewall show IDS Example Output: rewall show IDS blacklist Example Output: rewall show policy pex_in Example Output: rewall show portlter hei_http pex_in Example Output: rewall show validator item0 pdmz_in rewall status Chapter 6 G.SHDSL Commands gshdsl set BERMeterMode Congure patetrn generation Page Page Page Page gshdsl set clockingcombination Congure clock mode. Page Page Page Page Page Page Page Page Page Page Page gshdsl show 73 Model 3231 CLI Reference Guide 6 G.SHDSL Commands gshdsl show Display an atttribute for G.SHDSL. Example Output: gshdsl show Table 53. gshdsl show gshdsl show Display all attributes. gshdsl show <attrname> Display a specic attribute. gshdsl showTestMode Display test mode information. gshdsl showTestMode Display Loopback and BERT counters. Example Output: gshdsl showTestMode Table 54. gshdsl showTestMode gshdsl showc Display error counters. Example Output: gshdsl showc gshdsl showc Display error counters. Table 55. gshdsl showc Page Page Chapter 8 IP Commands ip add defaultroute Congure default IP routes. ip add interface Add an IP interface. ip add route Page Page Page ip clear Clear attributes from an IP interface. Page Page ip interface Congure an IP interface. ip interface 89 Example Output: ip interface ip1 list proxyarpentries Example Output: ip interface ip1 list secondaryipaddresses ip list 90 ip list Display information for an IP address. Example Output: ip list arpentries Example Output: ip list connections Table 67. ip list Example Output: ip list interfaces Example Output: ip list riproutes Example Output: ip list routes Page ip set interface Congure specic settings for an IP interface. ip set rip Congure RIP settings for an IP interface. ip set route Congure settings for an IP route. ip show 96 ip show Display information for an IP interface. Example Output: ip show debuginfo Table 72. ip show ip show 97 Example Output: ip show interface ip1 Note See ip interface on page 88 for other interface addresses. Example Output: ip show route default ip traceroute Start or stop a trace route process. Page logger set Congure syslog. logger show Page port ethernet Congure the Ethernet port. port list List ports and port types. Example Output: port list all Example Output: port list atm Example Output: port list ethernet Chapter 11 PPP Commands ppp add transport Add a PPP over HDLC (PPPoH) transport. Page Page ppp list transports ppp set transport Congure properties for a PPPoH transport. Page ppp show transport 112 Model 3231 CLI Reference Guide 11 PPP Commands ppp show transport Display properties for a specic PPPoH transport. ppp show transport <name> Show a single PPPoH transport's properties. Example Output: ppp show transport ppp1 Table 83. ppp show transport Chapter 12 PPPoA Commands pppoa add transport Page Page pppoa list transports pppoa set transport Congure properties for a PPPoA transport. Page Page Page pppoa show transport 122 Model 3231 CLI Reference Guide 12 PPPoA Commands pppoa show transport Display properties for a specic PPPoA transport. pppoa show transport <name> Show a single PPPoA transport's properties. Example Output: pppoa show transport ppp1 Table 89. pppoa show transport Chapter 13 PPPoE Commands pppoe add transport Add a PPP over Ethernet (PPPoE) transport. Page Page pppoe list transports pppoe set transport Congure properties for a PPPoE transport. Page Page Page Page Chapter 14 RFC1483 Commands rfc1483 add transport Create a new transport. Page Page rfc1483 list transports rfc1483 set transport Congure properties for an RFC1483 transport. rfc1483 show transport 139 Model 3231 CLI Reference Guide 14 RFC1483 Commands rfc1483 show transport Display properties for a specic RFC1483 transport. rfc1483 show transport <name> Show a single RFC1483 transport's properties. Example Output: rfc1483 show transport rfc1 Table 101. rfc1483 show transport Chapter 15 Security Commands security add Add security interfaces and triggers. Page Page Page Page security list 146 Model 3231 CLI Reference Guide 15 Security Commands security list List interfaces and triggers. Example Output: security list interfaces Example Output: security list triggers Table 107. security list security set trigger Congure settings for security triggers. security show Display information about a specic interface or trigger. Example Output: security show interface ip1 Example Output: security show trigger t2_h323 security status Display information about all security features. Example Output: security status Page snmp add Add community and trap entries. snmp delete Delete community and trap entries. Page snmp set Congure SNMP properties. snmp show 155 Model 3231 CLI Reference Guide 16 SNMP Commands snmp show Display information for an SNMP conguration. Example Output: snmp show snmp show Show SNMP conguration. Table 115. snmp show Page Page Chapter 18 System Commands system add Add a user to the system. system cong Manage the system conguration. system cpu Manage CPU usage statistics. Example Output: system cpu npOverThreshold Example Output: system cpu npThreshold get Example Output: system cpu npUsage Page Page Page system info 165 Model 3231 CLI Reference Guide 18 System Commands system info Display hardware/software information. Example Output: system info system info Display hardware/software information. Table 122. system info system legal system list 167 Model 3231 CLI Reference Guide 18 System Commands system list List system information. Example Output: system list errors Example Output: system list logins Example Output: system list openles bun Example Output: system list users system log Set system logging options. Example Output: system log list Example Output: system log list op Page system set Set user privileges. system show Page Page Page transports list List all transports. Example Output: transports list transports list List all transports. Table 131. transports list transports show 178 transports show Display information about a specic transport. Example Output: transports show eth1 transports show <name> Show a specied transport. Table 132. transports show Page Page Page Page Chapter 21 Webserver Commands Page Page Page Page webserver set Congure the Web Server settings. webserver show Display information about the Web Server. Example Output: webserver show info Example Output: webserver show stats