fwaccel synatk
In the R81.10.X releases, this command is available starting from the R81.10.00 version.
Description
The "fwaccel synatk" and "fwaccel6 synatk" commands control the Accelerated SYN Defender on the local Security Gateway, or Cluster Member.
|
|
Important - See sk120476 for information about the 'SYN Attack' protection in SmartConsole. |
Syntax for IPv4
|
|
Syntax for IPv6
|
|
Parameters
|
Parameter |
Description |
|---|---|
|
No Parameters |
Shows the applicable built-in usage. |
|
|
Applies the configuration from the default file. See fwaccel synatk -a. |
|
|
Applies the configuration from the specified file. |
|
|
Disables the Accelerated SYN Defender on all interfaces. See fwaccel synatk -d. |
|
|
Enables the Accelerated SYN Defender on interfaces with topology "External". Enables the Accelerated SYN Defender in Monitor (Detect only) mode on interfaces with topology "Internal". See fwaccel synatk -e. |
|
|
Enables the Accelerated SYN Defender on all interfaces. See fwaccel synatk -g. |
|
|
Enables the Accelerated SYN Defender in Monitor (Detect only) mode on all interfaces. In this state, the Accelerated SYN Defender only sends a log when it recognizes a TCP SYN Flood attack. See fwaccel synatk -m. |
|
|
Configures the threshold numbers of half-opened TCP connections that trigger the Accelerated SYN Defender. |
|
|
Controls the Accelerated SYN Defender whitelist. See fwaccel synatk allow. |
|
|
Shows the current Accelerated SYN Defender configuration. |
|
|
Shows the Accelerated SYN Defender status. |
|
|
Controls the Accelerated SYN Defender states. See fwaccel synatk state. |