988port port-number: Specifies the port to be protected, in the range of 1 to 65535. If you do not specifythis option, DNS client verification protects port 53, HTTP client verification protects port 80, and TCPclient verification protects all ports.Usage guidelinesYou can specify multiple protected IPv6 addresses by using this command multiple times.Examples# Configure TCP client verification to protect IPv6 address 2013::12 and port 23. system-view[Sysname] client-verify tcp protected ipv6 2013::12 port 23# Configure HTTP client verification to protect IPv6 address 2013::12. system-view[Sysname] client-verify http protected ipv6 2013::12Related commandsdisplay client-verify protected ipv6client-verify tcp enableUse client-verify tcp enable to enable TCP client verification on an interface.Use undo client-verify tcp enable to disable TCP client verification on an interface.Syntaxclient-verify tcp enable [ mode { syn-cookie | safe-reset } ]undo client-verify tcp enableDefaultTCP client verification is disabled on an interface.ViewsInterface viewPredefined user rolesnetwork-adminParametersmode: Specifies a working mode for TCP client verification. If you do not specify this keyword, theSYN cookie mode is used.syn-cookie: Specifies the SYN cookie mode. In this mode, bidirectional TCP proxy is enabled.safe-reset: Specifies the safe reset mode. In this mode, unidirectional TCP proxy is enabled.Usage guidelinesEnable TCP client verification on the interface connected to the external network to check incomingpackets. This feature protects internal servers against TCP flood attacks, including SYN floodattacks, SYN-ACK flood attacks, RST flood attacks, FIN flood attacks, and ACK flood attacks.For TCP client verification to collaborate with TCP flood attack prevention, specify client-verify asthe TCP flood attack prevention action. During collaboration, the device adds the victim IP address tothe protected IP list and verifies the untrusted sources if it detects a TCP flood attack. You can usethe display client-verify tcp protected ip command to display the protected IP list for TCP clientverification.TCP client verification supports the following modes: