Manualshelf

R0106-HP MSR Router Series Security Command Reference(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router
591592593594595596597598599600
579
display attack-defense policy policy-name { ack-flood | dns-flood | fin-flood | flood | http-flood |
icmp-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } ip [ ip-address [ vpn
vpn-instance-name ] ] [ slot slot-number ] [ count ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
policy-name: Specifies an attack defense policy by its name. The policy name is a case-insensitive string
of 1 to 31 characters. Valid characters include uppercase and lowercase letters, digits, underscores (_),
and hyphens (-).
ack-flood: Specifies ACK flood attack.
dns-flood: Specifies DNS flood attack.
fin-flood: Specifies FIN flood attack.
flood: Specifies all IPv4 flood attacks.
http-flood: Specifies HTTP flood attack.
icmp-flood: Specifies ICMP flood attack.
rst-flood: Specifies RST flood attack.
syn-ack-flood: Specifies SYN-ACK flood attack.
syn-flood: Specifies SYN flood attack.
udp-flood: Specifies UDP flood attack.
ip-address: Specifies a protected IPv4 address. If no IPv4 address is specified, this command displays
information about all protected IPv4 addresses.
vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance to which the IPv4 address belongs.
The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. Do not specify this
option if the IPv4 address is on the public network.
slot slot-number: Specifies a card by its slot number. If no card is specified, this command displays
information about IPv4 addresses protected by flood attack detection and prevention on all cards.
(MSR4000.)
count: Displays the number of matching IPv4 addresses protected by flood attack detection and
prevention.
Examples
# (MSR2000/MSR3000.) Display information about all IPv4 addresses protected by flood attack
detection and prevention in attack defense policy abc.
<Sysname> display attack-defense policy abc flood ip
IP address VPN instance Type Rate threshold(PPS) Dropped
123.123.123.123 a012345678901234 SYN-ACK-FLOOD 100 4294967295
201.55.7.45 -- ICMP-FLOOD 100 10
192.168.11.5 -- DNS-FLOOD 23 100