Comware

 View Only
last person joined: 3 days ago 

acl for tcp flags SYN and CWR

This thread has been viewed 5 times
  • 1.  acl for tcp flags SYN and CWR

    Posted Oct 25, 2023 06:18 AM

    Hi,

    version:

    HPE Comware Software, Version 7.1.064, Release 0821P11

    I have config like this:

    interface GigabitEthernet0/0

    ip address 10.10.10.10 255.255.255.0

    packet-filter name GigabitEthernet0/0 inbound

    acl advanced name GigabitEthernet0/0
     rule 100 permit tcp established
     rule 65510 deny ip

    When i start tcp with SYN and CWR (Congestion window reduced) flags, it get reply.

    hping3 -p 22 -S -Y 10.10.10.10

    When i start tcp with SYN flag, it don't get reply.

    hping3 -p 22 -S 10.10.10.10

    So is there any way block the SYN and CWR?

    Or is there some services in comware which should be shutdown?