[Contents] [Prev] [Next] [Index] [Report an Error]

Example: Blocking Packets with SYN and FIN Flags Set (CLI)

The following example shows how to create the syn-fin screen to block packets with the SYN and FIN flags set. The screen is enabled for the zone security zone.

To block packets with both the SYN and FIN flags set:

  1. Configure the syn-fin screen:

    user@host#set security screen ids-option syn-fin tcp syn-fin

  2. Enable the screen in the zone security zone:

    user@host#set security zones security-zone zone screen syn-fin

Related Topics

[Contents] [Prev] [Next] [Index] [Report an Error]


[an error occurred while processing this directive]