![background image](http://html.mh-extra.com/html/cisco/sce-1000-and/sce-1000-and_configuration-manual_64496312.webp)
11-28
Cisco SCE 2000 and SCE 1000 Software Configuration Guide
OL-7827-12
Chapter 11 Identifying and Preventing Distributed-Denial-Of-Service Attacks
Monitoring Attack Filtering
Example 2
This example shows a query for a single IP address, with a specified port.
SCE#>show interface linecard 0 attack-filter query single-sided ip 10.1.1.1 dest-port 21
configured
Protocol|Side|Dir.|Action| Thresholds |don't- |force-|Sub- |Alarm
| | | |Open flows|Ddos-Susp. flows|filter|filter|notif|
| | | |rate |rate |ratio| | | |
--------|----|----|------|----------|----------|-----|----- |------|-----|-----
TCP+port|net.|src.|Block | 1000| 500| 50|No |No | No| Yes
| | |(1) | | | | | | | (1)
TCP+port|net.|dst.|Report| 1000| 500| 50|No |No | No| No
TCP+port|sub.|src.|Block | 1000| 500| 50|No |No | No| Yes
| | |(1) | | | | | | | (1)
TCP+port|sub.|dst.|Report| 1000| 500| 50|No |No | No| No
UDP+port|net.|src.|Report| 1000| 500| 50|No |No | No| No
UDP+port|net.|dst.|Report| 1000| 500| 50|No |No | No| No
UDP+port|sub.|src.|Report| 1000| 500| 50|No |No | No| No
UDP+port|sub.|dst.|Report| 1000| 500| 50|No |No | No| No
(N) below a value means that the value is set through attack-detector #N.
SCE#>
How to display the current counters
Use this command to display the current counters for the specified attack detector for attack types for a
specified IP address.
Step 1
From the SCE> prompt, type
s
how interface linecard 0 attack-filter query ((single-sided ip
ip-address
)|(dual-sided source-IP
source-ip-address
destination-IP
dest-ip-address
)) [dest-port
portnumber
] current
and press
Enter
.
How to display all currently handled attacks
Step 1
From the SCE> prompt, type
show interface linecard 0 attack-filter current-attacks
and press
Enter
.
How to display all existing force-filter settings
Step 1
From the SCE> prompt, type
show interface linecard 0 attack-filter force-filter
and press
Enter
.
How to display all existing don't-filter settings
Step 1
From the SCE> prompt, type
show interface linecard 0 attack-filter don't-filter
and press
Enter
.