Manualshelf

R3303-HP HSR6800 Routers Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution
411412413414415416417418419420
13
Task Command
Remarks
Display the configuration
information about one or all attack
protection policies.
display attack-defense policy
[ policy-number ] [ | { begin | exclude |
include } regular-expression ]
Available in any view.
Display information about blacklist
entries. (In standalone mode.)
display blacklist { all | ip source-ip-address
[ slot slot-number ] | slot slot-number } [ |
{ begin | exclude | include }
regular-expression ]
Available in any view.
Display information about blacklist
entries. (In IRF mode.)
display blacklist { all | chassis chassis-number
slot slot-number | ip source-ip-address
[ chassis chassis-number slot slot-number ] }
[ | { begin | exclude | include }
Available in any view.
Display the traffic statistics of an
interface.
display flow-statistics statistics interface
interface-type interface-number { inbound |
outbound } [ | { begin | exclude | include }
regular-expression ]
Available in any view.
Display the interface traffic
statistics based on IP addresses. (In
standalone mode.)
display flow-statistics statistics [ slot
slot-number ] { destination-ip dest-ip-address
| source-ip src-ip-address } [ vpn-instance
vpn-instance-name ] [ | { begin | exclude |
include } regular-expression ]
Available in any view.
Display the interface traffic
statistics based on IP addresses. (In
IRF mode.)
display flow-statistics statistics [ chassis
chassis-number slot slot-number ]
{ destination-ip dest-ip-address | source-ip
src-ip-address } [ vpn-instance
vpn-instance-name ] [ | { begin | exclude |
include } regular-expression ]
Available in any view.
Display information about the IP
addresses protected by the TCP
proxy function. (In standalone
mode.)
display tcp-proxy protected-ip [ slot
slot-number ] [ | { begin | exclude | include }
regular-expression ]
Available in any view.
Display information about the IP
addresses protected by the TCP
proxy function. (In IRF mode.)
display tcp-proxy protected-ip [ chassis
chassis-number slot slot-number ] [ | { begin |
exclude | include } regular-expression ]
Available in any view.
Clear attack protection statistics
about an interface.
reset attack-defense statistics interface
interface-type interface-number
Available in user view.
Attack detection and protection configuration
examples
Attack protection functions on interfaces configuration example
Network requirements
As shown in Figure 129, GigabitEthernet 3/0/1 is connected with the internal network, GigabitEthernet
3/0/2 is connected to the external network, and GigabitEthernet 3/0/3 is connected with an internal
server.