by-pair (IDS MS-DPC)
Syntax
by-pair {
hold-time seconds;
maximum number;
packets number;
rate number;
}
Hierarchy Level
[edit services ids rule rule-name term term-name then session-limit]
Description
Apply limit to paired stateful firewall and NAT flows (forward and reverse) when using the MS-DPC.
Options
hold-time seconds—Length of time for which to stop all new flows once the rate
of events exceeds the threshold set by one or more of the maximum, packets, or rate statements.
maximum number—Maximum
number of open sessions per application or IP address.
packets number—Maximum
peak packets per second per application or IP address.
rate number—Maximum number
of sessions per second per application or IP address.
Required Privilege Level
interface—To view this statement in the configuration.
interface-control—To add this statement to the configuration.
Release Information
Statement introduced before Junos OS Release 7.4.