|
|
|
Description
Shows the Accelerated SYN Defender status.
Important - To enable the Accelerated SYN Defender in Monitor (Detect only) mode on all interfaces, you must run the 'fwaccel synatk -m' or 'fwaccel6 synatk -m' command.
Syntax for IPv4
|
Syntax for IPv6
|
Parameters
Parameter |
Description |
|---|---|
|
Shows the Accelerated SYN Defender status for each SecureXL instance (" |
|
Shows the Accelerated SYN Defender statistics for all interfaces (for each SecureXL instance). |
|
Shows the attack state in short form (for each SecureXL instance). |
|
Shows the attack state in verbose form (for each SecureXL instance). |
Note - You can specify only one of these options: -a, -s, or -v.
Example 1 - Default output before and after enabling the Accelerated SYN Defender
[Expert@MyGW:0]# fwaccel synatk monitor +-----------------------------------------------------------------------------+ | SYN Defender status | +-----------------------------------------------------------------------------+ | Configuration Disabled | | Status Normal | | Non established connections 0 | | Global Threshold 10000 | | Interface Threshold 5000 | +-----------------------------------------------------------------------------+ | IF | Topology | Enforce | State (sec) | Non-established conns | | | | | | Peak | Current | +-----------------------------------------------------------------------------+ | eth0 | External | Disable | Disable | N/A | N/A | | eth1 | Internal | Disable | Disable | N/A | N/A | +-----------------------------------------------------------------------------+ [Expert@MyGW:0]# [Expert@MyGW:0]# fwaccel synatk -m [Expert@MyGW:0]# [Expert@MyGW:0]# fwaccel synatk monitor +-----------------------------------------------------------------------------+ | SYN Defender status | +-----------------------------------------------------------------------------+ | Configuration Monitoring | | Status Normal | | Non established connections 0 | | Global Threshold 10000 | | Interface Threshold 5000 | +-----------------------------------------------------------------------------+ | IF | Topology | Enforce | State (sec) | Non-established conns | | | | | | Peak | Current | +-----------------------------------------------------------------------------+ | eth0 | External | Detect | Monitor | 0 | 0 | | eth1 | Internal | Detect | Monitor | 0 | 0 | +-----------------------------------------------------------------------------+ [Expert@MyGW:0]# |
Example 2 - Showing the Accelerated SYN Defender status for each SecureXL instance
[Expert@MyGW:0]# fwaccel synatk monitor -p +-----------------------------------------------------------------------------+ | SYN Defender status | +-----------------------------------------------------------------------------+ | Configuration Monitoring | | Status Normal | | Non established connections 0 | | Global Threshold 10000 | | Interface Threshold 5000 | +-----------------------------------------------------------------------------+ | IF | Topology | Enforce | State (sec) | Non-established conns | | | | | | Peak | Current | +-----------------------------------------------------------------------------+ | eth0 | External | Detect | Monitor | 0 | 0 | | eth1 | Internal | Detect | Monitor | 0 | 0 | +-----------------------------------------------------------------------------+
PPAK ID: 0 ---------- +-----------------------------------------------------------------------------+ | SYN Defender status | +-----------------------------------------------------------------------------+ | Configuration Monitoring | | Status Normal | | Non established connections 0 | | Global Threshold 10000 | | Interface Threshold 5000 | +-----------------------------------------------------------------------------+ | IF | Topology | Enforce | State (sec) | Non-established conns | | | | | | Peak | Current | +-----------------------------------------------------------------------------+ | eth0 | External | Detect | Monitor | 0 | 0 | | eth1 | Internal | Detect | Monitor | 0 | 0 | +-----------------------------------------------------------------------------+ [Expert@MyGW:0]# |
Example 3 - Showing the Accelerated SYN Defender statistics for all interfaces and for each SecureXL instance.
[Expert@MyGW:0]# fwaccel synatk monitor -p -a Global: status attached nr_active 0
Firewall ---------- Per-interface: eth0 eth1 ---------- ---------- topology External Internal state Monitor Monitor syn ready 0 0 syn active prev 0 0 syn active curr 0 0 active_score 0 0 msec grace 0 0 msec active 0 0 sent cookies 0 0 fail validations 0 0 succ validations 0 0 early packets 0 0 no conn data 0 0 bogus syn 0 0 peak non-estab 0 0 int sent cookies 0 0 int succ validations 0 0 msec interval 0 0
PPAK ID: 0 ---------- Per-interface: eth0 eth1 ---------- ---------- topology External Internal state Monitor Monitor syn ready 0 0 syn active prev 0 0 syn active curr 0 0 active_score 0 0 msec grace 0 0 msec active 0 0 sent cookies 0 0 fail validations 0 0 succ validations 0 0 early packets 0 0 no conn data 0 0 bogus syn 0 0 peak non-estab 0 0 int sent cookies 0 0 int succ validations 0 0 msec interval 0 0 [Expert@MyGW:0]# |
Example 4 - Showing the attack state in short form (for each SecureXL instance)
[Expert@MyGW:0]# fwaccel synatk monitor -p -s M,N,0,0
PPAK ID: 0 ---------- M,N,0,0 [Expert@MyGW:0]# |
Example 5 - Showing the attack state in verbose form (for each SecureXL instance)
[Expert@MyGW:0]# fwaccel synatk monitor -p -v +-----------------------------------------------------------------------------+ | SYN Defender statistics | +-----------------------------------------------------------------------------+ | Status Normal | | Spoofed SYN/sec 0 | +-----------------------------------------------------------------------------+
PPAK ID: 0 ---------- +-----------------------------------------------------------------------------+ | SYN Defender statistics | +-----------------------------------------------------------------------------+ | Status Normal | | Spoofed SYN/sec 0 | +-----------------------------------------------------------------------------+ [Expert@MyGW:0]# |
