Login

WelcomeuserNew H3C退出

English

Contact Sales Online Exhibition Center Resource Center Become a Partner
Back

07-Security Command Reference

HomeSupportReference GuidesCommand ReferencesH3C WX Series Access Controllers Command References(R3308 R2308)-6W10707-Security Command Reference
Table of Contents
Related Documents
12-TCP and ICMP Attack Protection Commands
Title Size Download
12-TCP and ICMP Attack Protection Commands 57.21 KB

Contents

TCP attack protection configuration commands 1

display tcp status 1

tcp syn-cookie enable· 2

 

display tcp status

Syntax

display tcp status [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

exclude: Displays all lines that do not match the specified regular expression.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display tcp status to display status of all TCP connections for monitoring TCP connections.

Examples

# Display status of all TCP connections.

<Sysname> display tcp status

*: TCP MD5 Connection

TCPCB           Local Add:port      Foreign Add:port        State

03e37dc4        0.0.0.0:4001            0.0.0.0:0           Listening

04217174        100.0.0.204:23      100.0.0.253:65508   Established

Table 1 Command output

Field

Description

*: TCP MD5 Connection

If the status information of a TCP connection contains asterisk (*), the TCP adopts the MD5 algorithm for authentication.

TCPCB

TCP control block.

Local Add:port

Local IP address and port number.

Foreign Add:port

Remote IP address and port number.

State

State of the TCP connection.

 

tcp syn-cookie enable

Syntax

tcp syn-cookie enable

undo tcp syn-cookie enable

View

System view

Default level

2: System level

Parameters

None

Description

Use tcp syn-cookie enable to enable the SYN Cookie feature to protect the device against SYN Flood attacks.

Use undo tcp syn-cookie enable to disable the SYN Cookie feature.

By default, the SYN Cookie feature is enabled.

Examples

# Enable the SYN Cookie feature.

<Sysname> system-view

[Sysname] tcp syn-cookie enable

 

  • Cloud & AI
  • InterConnect
  • Intelligent Computing
  • Intelligent Storage
  • Security
  • SMB Products
  • Intelligent Terminal Products

Cloud & AI

H3C Workspace Cloud Desktop

Learn more

Intelligent Connection

Intelligent Computing

H3C UniServer R4900 G5 Server

Learn more

Intelligent Storage

Security

Situational Awareness

Learn more

Zero Trust Security Solution

Learn more

SMB Products

Intelligent Terminal Products

Industry Solutions

The Government Cloud “1+N+N+1” Innovation Model Becomes a Template

Learn more

Strong Support for the G20 Hangzhou Summit

Learn more
  • Product Support Services
  • Technical Service Solutions
All Services

Product Support Services

Technical Service Solutions

  • Resource Center
  • Policy
  • Online Help
  • Technical Blogs
All Support

Resource Center

Policy

Online Help

Technical Blogs

Training & Certification

  • Become A Partner
  • Partner Policy & Program
  • Global Learning
  • Partner Sales Resources
  • Partner Business Management
  • Service Business
All Partners

Become a Partner

Partner Policy & Program

Global Learning

Partner Sales Resources

Partner Business Management

Service Business

  • Profile
  • News & Events
  • Online Exhibition Center
  • Contact Us
All About Us

Profile

News & Events

Online Exhibition Center

Contact Us

新华三官网