enable ip-security anomaly-protection l4port
Enables TCP and UDP ports checking.
|tcp||Specifies that the TCP port be enabled for checking.|
|udp||Specifies that the UDP port be enabled for checking.|
|both||Specifies both the TCP and UDP ports be enabled for checking.|
|slot||Specifies the slot to be used.|
|all||Specifies all IP addresses, or all IP addresses in a particular state.|
The default is disabled.
This command enabled TCP and UDP ports checking. This checking takes effect for both IPv4 and IPv6 TCP and UDP packets. When enabled, the switch drops TCP and UDP packets if its source port is the same as its destination port. In most cases, when the condition of source port is the same as that of the destination port, it indicates a Layer4 protocol error. (This type of error can be found in a BALT attack.)
This command was first available in ExtremeXOS 12.0.