This section describes how to create a hardware filter and associate the filter with a device for the cleaning device to perform static filtering on the traffic passing through the device.
Only the AntiDDoS devices support this operation. The AntiDDoS1820-N does not support this operation.
Hardware Filter Types
The AntiDDoS provides hardware filters of the IPv4 and IPv6 protocol types. For details about the protocols supported by the hardware filters of the IPv4 and IPv6 protocol types, see Table 1 and Table 2 respectively.
Each device supports a maximum of 50 hardware filters.
Protocol |
Filtering Content |
|---|---|
User-defined protocol ID |
Source IP address, destination IP address, packet length, and Fragment type |
IPv4 protocol |
Source IP address, destination IP address, packet length, and Fragment type |
TCP protocol |
Source IP address, destination IP address, packet length, source port, destination port, packet length, TCP flag, and Fragment type |
UDP protocol |
Source IP address, destination IP address, packet length, source port, destination port, and Fragment type |
ICMPv4 protocol |
Source IP address, destination IP address, packet length, and Fragment type |
Protocol |
Filtering Content |
|---|---|
User-defined protocol ID |
Destination IP address and packet length |
IPv6 protocol |
Destination IP address and packet length |
TCP protocol |
Destination IP address, packet length, source port, destination port, packet length, and TCP flag |
UDP protocol |
Destination IP address, packet length, source port, and destination port |
ICMPv6 protocol |
Destination IP address and packet length |
Hardware Filter Template
The ATIC provides 33 common hardware filter templates by default.
Chargen_Amplification_Attack |
Chargen amplification attack |
SNMP_Amplification_Attack |
SNMP amplification attack |
TFTP_Amplification_Attack |
TFTP amplification attack |
NTP_Amplification_Attack |
NTP amplification attack |
NetBIOS_Amplification_Attack |
NetBIOS amplification attack |
SSDP_Amplification_Attack |
SSDP amplification attack |
QOTD_Amplification_Attack |
QOTD amplification attack |
Quake_Network_Protocol_Amplification_Attack |
Quake amplification attack |
Steam_Protocol_Amplification_Attack |
Steam amplification attack |
Portmapper_Amplification_Attack |
Portmapper amplification attack |
Microsoft_SQL_Resolution_Service_Amplification_Attack |
SQL amplification attack |
RIPV1_Amplification_Attack |
RIPV1 amplification attack |
Sentinel_Amplification_Attack |
Sentinel amplification attack |
LDAP_Amplification_Attack |
LDAP amplification attack |
QUIC_Amplification_Attack |
QUIC amplification attack |
mDNS_Amplification_Attack |
mDNS amplification attack |
Memcached_Amplification_Attack |
Memcached amplification attack |
SYN_Large_Attack |
Attack using large SYN packets |
SYN_Short_Attack |
Attack using small SYN packets |
IPMI_Amplification_Attack |
IPMI amplification attack |
CoAP_Amplification_Attack |
CoAP amplification attack |
ONVIF_Amplification_Attack |
ONVIF amplification attack |
ARMS_Amplification_Attack |
ARMS amplification attack |
OpenVPN_Amplification_Attack |
OpenVPN amplification attack |
TeamSpeak_Amplification_Attack |
TeamSpeak amplification attack |
Call_of_Duty_Amplification_Attack |
Call_of_Duty amplification attack |
SRCDS_Amplification_Attack |
SRCDS amplification attack |
Combat_Evolved_Amplification_Attack |
Combat_Evolved amplification attack |
Kad_Amplification_Attack |
Kad amplification attack |
BitTorrent_Amplification_Attack |
BitTorrent amplification attack |
SIP_Amplification_Attack |
SIP amplification attack |
L2TP_Amplification_Attack |
L2TP amplification attack |
NTP_Amplification_Attack_1123 |
NTP amplification attack on source port 1123 |
You can edit or delete templates as required.
Hardware Filter Matching Sequence
Hardware filters in the list are matched top down. After a matching hardware filter is found, the action defined in the hardware filter is executed, and the matching ends. If no match is found, hardware filters are matched top down again.
Management Operations
Choose to configure a hardware filter.
Operation |
Description |
|---|---|
Create |
Click |
Modify |
Click |
Delete |
Select the check box for the hardware filter and click |
Search |
Enter part of a hardware filter name or the full name in Name and click |
