General DDoS
- Ashish Khabde
Analytics
The following table lists the auto rules that are used to mitigate general DDoS attacks on your advanced appliance.
| Rule ID | Rule Type | Rule Name | Description | Enable/Disable Condition | Parameters | Comments |
|---|---|---|---|---|---|---|
| 110000100 | Auto | EARLY DROP DoS packets with same source and destination IP | This rule drops any IP packets that contain the same source and destination IP address. | Always enabled. | Events per second (default = 1) | |
| 110000200 | Auto | EARLY DROP DoS UDP packets with same source and destination IP | This rule drops UDP packets that contain the same source and destination IP address. | Always enabled. | Events per second (default = 1) | |
| 110000300 | Auto | EARLY DROP DoS TCP packets with same source and destination IP | This rule drops TCP packets that contain the same source and destination IP address. | Always enabled. | Events per second (default = 1) | |
| 130400300 | Auto | DROP IPv6 destination loopback address spoofing | This rule blocks any IP packets that attempt to forge the IPv6 destination loopback address. | Always enabled. | Events per second (default = 1) | |
| 130400400 | Auto | DROP IPv6 source loopback address spoofing | This rule blocks any IP packets that attempt to forge the IPv6 source loopback address. | Always enabled. | Events per second (default = 1) |