fwaccel dos

Description

The fwaccel dos and fwaccel6 dos commands control the Rate Limiting for DoS mitigation techniques in SecureXL on the local Security Gateway, or Cluster Member.

Important:

  • In VSX mode, you must go to the context of an applicable Virtual System.

    • In Gaia Clish, run: set virtual-system <VSID>

    • In the Expert mode, run: vsenv <VSID>

  • In a Cluster, you must configure all the Cluster Members in the same way.

Syntax for IPv4

fwaccel dos

      allow <options>

      config <options>

      deny <options>

      pbox <options>

      rate <options>

      stats <options>

Syntax for IPv6

fwaccel6 dos

      allow <options>

      config <options>

      deny <options>

      pbox <options>

      rate <options>

      stats <options>

Parameters

Parameter

Description

allow <options>

Configures the allow-list for source IP addresses in the SecureXL Penalty Box.

See fwaccel dos allow.

config <options>

Controls the DoS mitigation configuration in SecureXL.

See fwaccel dos config.

deny <options>

Controls the IP deny-list in SecureXL.

See fwaccel dos deny.

pbox <options>

Controls the Penalty Box whitelist in SecureXL.

See fwaccel dos pbox.

rate <options>

Shows and installs the Rate Limiting policy in SecureXL.

See fwaccel dos rate.

stats <options>

Shows and clears the DoS real-time statistics in SecureXL.

See fwaccel dos stats.