Description
This article describes how to configure IPv4 DOS policy.
Solution
This article describes how to configure IPv4 DOS policy.
# config firewall DoS-policy
edit 1
set status enable
set comments ''
set interface ''
config anomaly
edit "tcp_syn_flood"
set status disable
set log disable
set action pass
set quarantine none
set threshold 2000
next
edit "tcp_port_scan"
set status disable
set log disable
set action pass
set quarantine none
set threshold 1000
next
edit "tcp_src_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "tcp_dst_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "udp_flood"
set status disable
set log disable
set action pass
set quarantine none
set threshold 2000
next
edit "udp_scan"
set status disable
set log disable
set action pass
set quarantine none
set threshold 2000
next
edit "udp_src_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "udp_dst_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "icmp_flood"
set status disable
set log disable
set action pass
set quarantine none
set threshold 250
next
edit "icmp_sweep"
set status disable
set log disable
set action pass
set quarantine none
set threshold 100
next
edit "icmp_src_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 300
next
edit "icmp_dst_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 1000
next
edit "ip_src_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "ip_dst_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "sctp_flood"
set status disable
set log disable
set action pass
set quarantine none
set threshold 2000
next
edit "sctp_scan"
set status disable
set log disable
set action pass
set quarantine none
set threshold 1000
next
edit "sctp_src_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "sctp_dst_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
end
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.