floodguard
Enable or disable Flood Defender to protect against flood attacks. (Configuration mode.)
floodguard enable | disableshow floodguard
clear floodguard
Syntax
enable Enable Flood Defender. disable Disable Flood Defender.
Usage Guidelines
The floodguard command allows you to reclaim firewall resources if the user authentication ( uauth) subsystem runs out of resources. If an inbound or outbound uauth connection is being attacked or overused, the firewall will actively reclaim TCP user resources.
When the resources deplete, the firewall lists messages about it being out of resources or out of tcpusers.
If the firewall uauth subsystem is depleted, TCP user resources in different states are reclaimed depending on urgency in the following order:
- Timewait
- FinWait
- Embryonic
- Idle
The floodguard command is enabled by default.
Example
The following example enables the floodguard command and lists the floodguard command statement in the configuration:
floodguard enable
show floodguard
floodguard enable