Login
- Table of Contents
-
- 07-Security Command Reference
- 00-Preface
- 01-AAA Commands
- 02-802.1X Commands
- 03-MAC Authentication Commands
- 04-Portal Commands
- 05-Port Security Commands
- 06-User Profile Commands
- 07-Password Control Commands
- 08-Public Key Commands
- 09-PKI Commands
- 10-SSH Commands
- 11-SSL Commands
- 12-SSL VPN Commands
- 13-TCP Attack Protection Commands
- 14-ARP Attack Protection Commands
- 15-IPsec Commands
- 16-ALG Commands
- 17-Firewall Commands
- 18-Session Management Commands
- 19-Web Filtering Commands
- 20-User Isolation Commands
- 21-Source IP Address Verification Commands
- 22-FIPS Commands
- 23-Protocol Packet Rate Limit Commands
- 24-Attack detection and protection commands
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 13-TCP Attack Protection Commands | 31.12 KB |
TCP attack protection configuration commands
display tcp status
Use display tcp status to display the status of all TCP connections for monitoring TCP connections.
Syntax
display tcp status [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display the status of all TCP connections.
<Sysname> display tcp status
*: TCP MD5 Connection
TCPCB Local Add:port Foreign Add:port State
03e37dc4 0.0.0.0:4001 0.0.0.0:0 Listening
04217174 100.0.0.204:23 100.0.0.253:65508 Established
Table 1 Command output
|
Field |
Description |
|
*: TCP MD5 Connection |
If the status information of a TCP connection contains an asterisk (*), the TCP adopts the MD5 algorithm for authentication. |
|
TCPCB |
TCP control block. |
|
Local Add:port |
Local IP address and port number. |
|
Foreign Add:port |
Remote IP address and port number. |
|
State |
State of the TCP connection. |
tcp syn-cookie enable
Use tcp syn-cookie enable to enable the SYN Cookie feature to protect the device against SYN Flood attacks.
Use undo tcp syn-cookie enable to disable the SYN Cookie feature.
Syntax
tcp syn-cookie enable
undo tcp syn-cookie enable
Default
The SYN Cookie feature is enabled.
Views
System view
Default command level
2: System level
Examples
# Enable the SYN Cookie feature.
<Sysname> system-view
[Sysname] tcp syn-cookie enable
