
flood (Security UDP)

Syntax

Hierarchy Level

Description

Configure the device to detect and prevent UDP floods. UDP flooding occurs when an attacker sends UDP packets to slow down the system to the point that it can no longer process valid connection requests.

The threshold defines the number of UDP packets per second that can be sent to the same destination IP address/port pair. When the number of packets exceeds this value within any 1-second period, the device generates an alarm and drops subsequent packets for the remainder of that second.

Options

threshold number—Number of UDP packets per second that can be sent to the same destination address before the device rejects further UDP packets.

  • Range: 1 through 4,000,000 per second

  • Default: 1,000 per second

For SRX300, SRX320, SRX340, and SRX345, the applicable range is 1 through 100,000 per second.

For SRX1500, SRX4100, SRX4200, and vSRX Virtual Firewall, the applicable range is 1 to 1,000,000.

For SRX4600, SRX5400, SRX5600, and SRX5800, the applicable range is 1 through 4,000,000 per second.

white-list name—Configure a list of IP addresses that are exempted from the UDP flood detection that occurs during the UDP flood screen protection process. This list of exempted addresses is called an allowlist.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Release Information

Statement modified in Junos OS Release 9.2.