R2511-HP MSR Router Series Security Command Reference(V5)
518
Table 79 Command output
Field Descri
p
tion
source-ip Source IP address. "---" means no such information is available.
dest-ip Destination IP address. "---" means no such information is available.
dest-port Destination port number. "---" means no such information is available.
vpn-instance MPLS L3VPN instance. "---" means that the connection belongs to the public network.
NAT The NAT module to which the connection limit policy applies.
amount Number of connections established.
upper-limit Upper limit on the number of connections.
lower-limit Lower limit on the number of connections.
limit-flag Whether new connections are allowed, 0 means yes, 1 means no.
display nat connection-limit
Use display nat connection-limit to display NAT connection limit statistics.
Syntax
display nat connection-limit [ source src-address { mask-length | mask } ] [ destination dst-address
{ mask-length | mask } ] [ destination-port { eq | gt | lt | neq | range } port-number ] [ vpn-instance
vpn-instance-name ] [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
source src-address: Specifies the source IP address of the connections.
destination dst-address: Specifies the destination IP address of the connections.
mask-length: Specifies the length of network mask, in the range 1 to 32.
mask: Specifies the network mask.
destination-port: Specifies destination ports of connections.
{ eq | gt | lt | neq | range }: Specifies an operator for matching destination ports.
• eq: Equal to the specified port number.
• gt: Greater than the specified port number.
• lt: Less than the specified port number.
• neq: Not equal to the specified port number.
• range: Specifies a port range.
port-number: Specifies the port number in the range of 0 to 65535. When the range keyword is specified,
set a port range in the format start-port end-port, where the start-port must be less than or equal to the
end-port.