Help Center/ Anti-DDoS Service/ User Guide/ CNAD Advanced Operation Guide/ Adding a Protection Policy/ Configuring Fingerprint Filtering
Updated on 2024-09-26 GMT+08:00
View PDF
Share

Configuring Fingerprint Filtering

You can configure fingerprint filtering rules to perform feature matching on the content at a specified location in a data packet and set discarding or rate limiting rules based on the matching result.

Procedure

  1. Log in to the management console.
  2. Select a region in the upper part of the page, click in the upper left corner of the page, and choose Security & Compliance > Anti-DDoS Service. The Anti-DDoS Service Center page is displayed.
  3. In the navigation pane on the left, choose Cloud Native Anti-DDoS Advanced > Protection Policies. The Protection Policies page is displayed.
  4. Click Create Protection Policy.
  5. In the displayed dialog box, set the policy name, select an instance, and click OK.

    Figure 1 Creating a policy

  6. In the row containing the target policy, click Set Protection Policy in the Operation column.
  7. In the Fingerprint Filtering configuration area, click Set.

    Figure 2 Fingerprint filtering configuration box

  8. In the displayed Fingerprint Filtering Settings dialog box, click Create Fingerprint.
  9. In the displayed dialog box, set fingerprint parameters.

    Figure 3 Creating a fingerprint
    Table 1 Fingerprint parameters

    Parameter

    Description

    Fingerprint Name

    Enter the fingerprint rule name.

    Protocol

    Set the fingerprint protocol. The value can be UDP or TCP.

    Start Source Port - End Source Port

    Set the range of the fingerprint source ports.

    Start Destination Port-End Destination Port

    Set the range of the fingerprint destination ports.

    Action

    Set the action and rate limit after the fingerprint rule is matched. You can select Discard or Allow.

    Test Load

    Enter the hexadecimal value of the test load.

    Offset

    Set the offset of the fingerprint.

    Check Depth

    If, for example, the test load is "1234afee", the offset is 20, and the check depth is 8, then if there is data from the 21st byte to the 32nd byte that can be matched to "1234afee", the packet matches the finger print. 32 = 20 + 4 (fingerprint length) + 8 (check depth)

  10. Click OK.

Follow-up Procedure

  • Locate the row that contains the target port and click Delete in the Operation column to delete the fingerprint filtering rule.
  • Locate the row that contains the target port, click Edit in the Operation column to modify the fingerprint filtering rule.