1071rst-flood actionUse rst-flood action to specify global actions against RST flood attacks.Use undo rst-flood action to restore the default.Syntaxrst-flood action { client-verify | drop | logging } *undo rst-flood actionDefaultNo global action is specified for RST flood attacks.ViewsAttack defense policy viewPredefined user rolesnetwork-adminParametersclient-verify: Adds the victim IP addresses to the protected IP list for TCP client verification. If TCPclient verification is enabled, the device provides proxy services for protected servers.drop: Drops subsequent RST packets destined for the victim IP addresses.logging: Enables logging for RST flood attack events.Usage guidelinesFor the RST flood attack detection to collaborate with the TCP client verification, make sure theclient-verify keyword is specified and the TCP client verification is enabled. To enable TCP clientverification, use the client-verify tcp enable command.Examples# Specify drop as the global action against RST flood attacks in the attack defense policyatk-policy-1. system-view[Sysname] attack-defense policy atk-policy-1[Sysname-attack-defense-policy-atk-policy-1] rst-flood action dropRelated commandsclient-verify tcp enablerst-flood detectrst-flood detect non-specificrst-flood thresholdrst-flood detectUse rst-flood detect to configure IP address-specific RST flood attack detection.Use undo rst-flood detect to remove the IP address-specific RST flood attack detectionconfiguration.Syntaxrst-flood detect { ip ipv4-address | ipv6 ipv6-address } [ vpn-instance vpn-instance-name ][ threshold threshold-value ] [ action { { client-verify | drop | logging } * | none } ]