542
Slot 1:
IP address VPN instance Type Rate threshold(PPS) Dropped
123.123.123.123 -- SYN-ACK-FLOOD 100 4294967295
201.55.7.45 -- ICMP-FLOOD 100 10
192.168.11.5 -- DNS-FLOOD 23 100
Slot 2:
IP address VPN instance Type Rate threshold(PPS) Dropped
# (In standalone mode.) Display the number of IPv4 addresses protected by flood attack detection
and prevention in attack defense policy
abc
.
<Sysname> display attack-defense policy abc flood ip count
Slot 1:
Totally 3 flood protected IP addresses.
Slot 2:
Totally 0 flood protected IP addresses.
Table 78 Command output
Field
Description
Totally 3 flood protected IP
addresses
Total number of the IPv4 addresses protected by flood attack detection
and prevention.
IP address
Protected IPv4 address.
VPN instance
MPLS L3VPN instance to which the protected IPv4 address belongs. If the
protected IPv4 address is on the public network, this field displays
hyphens (--).
Type
Type of the flood attack.
Rate threshold(PPS)
Threshold for triggering the flood attack prevention, in units of packets
sent to the IP address per second. If no rate threshold is set, this field
displays a hyphen (-).
Dropped
Number of dropped attack packets. If the prevention action is logging, this
field displays
0
.
display attack-defense policy ipv6
Use
display attack-defense policy ipv6
to display information about IPv6 addresses protected by
flood attack detection and prevention.
Syntax
In standalone mode:
display attack-defense policy policy-name
{
ack-flood
|
dns-flood
|
fin-flood
|
flood
|
http-flood
|
icmpv6-flood
|
rst-flood
|
syn-ack-flood
|
syn-flood
|
udp-flood
}
ipv6
[
ipv6-address
[
vpn
vpn-instance-name
] ] [
slot
slot-number
] ] [
count
]
In IRF mode:
display attack-defense policy policy-name
{
ack-flood
|
dns-flood
|
fin-flood
|
flood
|
http-flood
|
icmpv6-flood
|
rst-flood
|
syn-ack-flood
|
syn-flood
|
udp-flood
}
ipv6
[
ipv6-address
[
vpn
vpn-instance-name
] ] [
chassis
chassis-number slot
slot-number
] [
count
]
Views
Any view