Operation: Configuration DOS Settings
Description: Configure settings to provide protection against different types of Denial of Service(DoS) attacks. 

Sample Configuration
<DoSSettings> <SYNFlood> <Source> <PacketRatePerSource>12000</PacketRatePerSource> <BurstRatePerSource>100</BurstRatePerSource> <ApplyFlag>Enable/Disable</ApplyFlag> </Source> <Destination> <PacketRatePerDestination>12000</PacketRatePerDestination> <BurstRatePerDestination>100</BurstRatePerDestination> <ApplyFlag>Enable/Disable</ApplyFlag> </Destination> </SYNFlood> <UDPFlood> <Source> <PacketRatePerSource>12000</PacketRatePerSource> <BurstRatePerSource>100</BurstRatePerSource> <ApplyFlag>Enable/Disable</ApplyFlag> </Source> <Destination> <PacketRatePerDestination>18000</PacketRatePerDestination> <BurstRatePerDestination>100</BurstRatePerDestination> <ApplyFlag>Enable/Disable</ApplyFlag> </Destination> </UDPFlood> <TCPFlood> <Source> <PacketRatePerSource>12000</PacketRatePerSource> <BurstRatePerSource>100</BurstRatePerSource> <ApplyFlag>Enable/Disable</ApplyFlag> </Source> <Destination> <PacketRatePerDestination>12000</PacketRatePerDestination> <BurstRatePerDestination>100</BurstRatePerDestination> <ApplyFlag>Enable/Disable</ApplyFlag> </Destination> </TCPFlood> <ICMPFlood> <Source> <PacketRatePerSource>120</PacketRatePerSource> <BurstRatePerSource>100</BurstRatePerSource> <ApplyFlag>Enable/Disable</ApplyFlag> </Source> <Destination> <PacketRatePerDestination>300</PacketRatePerDestination> <BurstRatePerDestination>100</BurstRatePerDestination> <ApplyFlag>Enable/Disable</ApplyFlag> </Destination> </ICMPFlood> <DroppedSourceRoutedPackets> <Destination> <ApplyFlag>Enable/Disable</ApplyFlag> </Destination> </DroppedSourceRoutedPackets> <DisableICMPRedirectPacket> <Destination> <ApplyFlag>Enable/Disable</ApplyFlag> </Destination> </DisableICMPRedirectPacket> <DisableARPFlooding> <Destination> <ApplyFlag>Enable/Disable</ApplyFlag> </Destination> </DisableARPFlooding> </DoSSettings>



Parameter Mandatory Default Description
PacketRatePerSourceNo 
Specify total number of packets allowed to a particular user for SYN flood attack.
PacketRatePerSource confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Allowed first digit (1-9) Remaining allowed: Digit.
  • Range 1 to 600000 is allowed.
  • Maximum characters allowed are 6.
BurstRatePerSourceNo 
Specify maximum number of packets allowed to a particular user at a given time.
BurstRatePerSource confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Allowed first digit (1-9) Remaining allowed: Digit.
  • Range 1 to 10000 is allowed.
  • Maximum characters allowed are 5.
ApplyFlagNo  
Select the flag to control allowed number of packets.
ApplyFlag confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
PacketRatePerDestinationNo 
Specify total number of packets allowed from a particular user.
PacketRatePerDestination confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Allowed first digit (1-9) Remaining allowed: Digit.
  • Range 1 to 600000 is allowed.
  • Maximum characters allowed are 6.
BurstRatePerDestinationNo 
Specify maximum number of packets allowed from a particular user at a given time.
BurstRatePerDestination confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Allowed first digit (1-9) Remaining allowed: Digit.
  • Range 1 to 10000 is allowed.
  • Maximum characters allowed are 5.
ApplyFlagNo  
Specify 'chkSYNFloodDst'
ApplyFlag confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
PacketRatePerSourceNo 
Specify 'txtUDPFloodSrcPacket'
PacketRatePerSource confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Allowed first digit (1-9) Remaining allowed: Digit.
  • Range 1 to 600000 is allowed.
  • Maximum characters allowed are 6.
BurstRatePerSourceNo 
Specify 'txtUDPFloodSrcBurst'
BurstRatePerSource confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Allowed first digit (1-9) Remaining allowed: Digit.
  • Range 1 to 10000 is allowed.
  • Maximum characters allowed are 5.
ApplyFlagNo  
Specify 'chkUDPFloodSrc'
ApplyFlag confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
PacketRatePerDestinationNo 
Specify 'txtUDPFloodDstPacket'
PacketRatePerDestination confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Allowed first digit (1-9) Remaining allowed: Digit.
  • Range 1 to 600000 is allowed.
  • Maximum characters allowed are 6.
BurstRatePerDestinationNo 
Specify 'txtUDPFloodDstBurst'
BurstRatePerDestination confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Allowed first digit (1-9) Remaining allowed: Digit.
  • Range 1 to 10000 is allowed.
  • Maximum characters allowed are 5.
ApplyFlagNo  
Specify 'chkUDPFloodDst'
ApplyFlag confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
PacketRatePerSourceNo 
Specify 'txtTCPFloodSrcPacket'
PacketRatePerSource confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Allowed first digit (1-9) Remaining allowed: Digit.
  • Range 1 to 600000 is allowed.
  • Maximum characters allowed are 6.
BurstRatePerSourceNo 
Specify 'txtTCPFloodSrcBurst'
BurstRatePerSource confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Allowed first digit (1-9) Remaining allowed: Digit.
  • Range 1 to 10000 is allowed.
  • Maximum characters allowed are 5.
ApplyFlagNo  
Specify 'chkTCPFloodSrc'
ApplyFlag confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
PacketRatePerDestinationNo 
Specify 'txtTCPFloodDstPacket'
PacketRatePerDestination confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Allowed first digit (1-9) Remaining allowed: Digit.
  • Range 1 to 600000 is allowed.
  • Maximum characters allowed are 6.
BurstRatePerDestinationNo 
Specify 'txtTCPFloodDstBurst'
BurstRatePerDestination confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Allowed first digit (1-9) Remaining allowed: Digit.
  • Range 1 to 10000 is allowed.
  • Maximum characters allowed are 5.
ApplyFlagNo  
Specify 'chkTCPFloodDst'
ApplyFlag confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
PacketRatePerSourceNo 
Specify 'txtICMPFloodSrcPacket'
PacketRatePerSource confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Allowed first digit (1-9) Remaining allowed: Digit.
  • Range 1 to 600000 is allowed.
  • Maximum characters allowed are 6.
BurstRatePerSourceNo 
Specify 'txtICMPFloodSrcBurst'
BurstRatePerSource confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Allowed first digit (1-9) Remaining allowed: Digit.
  • Range 1 to 10000 is allowed.
  • Maximum characters allowed are 5.
ApplyFlagNo  
Specify 'chkICMPFloodSrc'
ApplyFlag confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
PacketRatePerDestinationNo 
Specify 'txtICMPFloodDstPacket'
PacketRatePerDestination confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Allowed first digit (1-9) Remaining allowed: Digit.
  • Range 1 to 600000 is allowed.
  • Maximum characters allowed are 6.
BurstRatePerDestinationNo 
Specify 'txtICMPFloodDstBurst'
BurstRatePerDestination confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Allowed first digit (1-9) Remaining allowed: Digit.
  • Range 1 to 10000 is allowed.
  • Maximum characters allowed are 5.
ApplyFlagNo  
Specify 'chkICMPFloodDst'
ApplyFlag confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
ApplyFlagNo  
Specify 'chkDropSourceRoutedPacketsDst'
ApplyFlag confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
ApplyFlagNo  
Specify 'chkDisableICMPredirectPacketDst'
ApplyFlag confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
ApplyFlagNo  
Specify 'chkDisableARPFloodingDst'
ApplyFlag confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.



Operation   Status   Message
Configuration DOS Settings200
Configuration DOS Settings500


) Copyright 2017 Sophos Limited. All rights reserved.
Sophos is registered trademarks of Sophos Limited and Sophos Group. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.
No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.