Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
jmlux
New Contributor III

IPv4 DoS policy: how does this actually work?

Hey,

 

How will counters that result in blocking actions be created in the end? Is source/destination the filter that defines which connections will be considered for blocking at all and from those it will keep a list by (srcip,dstip,service) to block? Say I define: Src: 1.1.1.1 + 1.1.1.2 Dst: 2.2.2.1 + 2.2.2.2 Service: HTTP + HTTPS DoS: syn_flood Now if 1.1.1.2 issues too many SYNs toward 2.2.2.2 on port 443 it will be blocked. However 1.1.1.2 -> 2.2.2.2 service HTTP will continue to work right? As will 1.1.1.1 -> 2.2.2.2 HTTPS for example? As usual there is no documentation what really happens. I mean "click on enable to enable" and the like can really be omitted from any docs. A description of the actual behavior is what I'd like to read. That should not be part of only an advanced (nowhere to be found) doc or a knowledge base. That should be THE documentaion. Thanks.

1 REPLY 1
kgeorge
Staff
Staff

Hello,

 

Sorry that, this post was left unaddressed. I believe, you should have got what you were looking for.

 

However, like to share this documentation which I believe should address your concerns,

https://docs.fortinet.com/document/fortigate/6.2.15/cookbook/771644/dos-protection

 

Regards,

Klint George

Regards,
Klint George
Labels
Top Kudoed Authors