[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

source-threshold

Syntax

source-threshold number ;

Hierarchy Level

[edit security screen ids-option screen-name tcp syn-flood]

Release Information

Statement modified in Release 9.2 of JUNOS software.

Description

Specify the number of SYN segments that the device can receive per second from a single source IP address (regardless of the destination IP address and port number) before the device begins dropping connection requests from that source.

This statement is supported on J-series and SRX-series devices.

Options

number —Number of SYN segments to be received per second before the device starts dropping connection requests.

Range: 4 through 100000 per second
Default: 4000 per second

Note: For SRX-series devices the applicable range is 4 through 1000000 per second.

Usage Guidelines

For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

[an error occurred while processing this directive]