Displaying and maintaining attack detection and prevention
Use the display commands in any view and the reset commands in user view.
To display and maintain attack detection and prevention:
Task | Command |
---|---|
Display attack detection and prevention statistics on an interface (centralized devices in standalone mode). | display attack-defense statistics interface interface-type interface-number |
Display attack detection and prevention statistics on an interface (distributed devices in standalone mode/centralized devices in IRF mode). | display attack-defense statistics interface interface-type interface-number [ slot slot-number ] |
Display attack detection and prevention statistics on an interface (distributed devices in IRF mode). | display attack-defense statistics interface interface-type interface-number [ chassis chassis-number slot slot-number ] |
Display attack detection and prevention statistics for the device (centralized devices in standalone mode). | display attack-defense statistics local |
Display attack detection and prevention statistics for the device (distributed devices in standalone mode/centralized devices in IRF mode). | display attack-defense statistics local [ slot slot-number ] |
Display attack detection and prevention statistics for the device (distributed devices in IRF mode). | display attack-defense statistics local [ chassis chassis-number slot slot-number ] |
Display attack defense policy configuration. | display attack-defense policy [ policy-name ] |
Display information about IPv4 scanning attackers (centralized devices in standalone mode). | display attack-defense scan attacker ip [ interface interface-type interface-number | local ] [ count ] |
Display information about IPv4 scanning attackers (distributed devices in standalone mode/centralized devices in IRF mode). | display attack-defense scan attacker ip [ [ interface interface-type interface-number | local ] [ slot slot-number ] ] [ count ] |
Display information about IPv4 scanning attackers (distributed devices in IRF mode). | display attack-defense scan attacker ip [ [ interface interface-type interface-number | local ] [ chassis chassis-number slot slot-number ] ] [ count ] |
Display information about IPv6 scanning attackers (centralized devices in standalone mode). | display attack-defense scan attacker ipv6 [ interface interface-type interface-number | local ] [ count ] |
Display information about IPv6 scanning attackers (distributed devices in standalone mode/centralized devices in IRF mode). | display attack-defense scan attacker ipv6 [ [ interface interface-type interface-number | local ] [ slot slot-number ] ] [ count ] |
Display information about IPv6 scanning attackers (distributed devices in IRF mode). | display attack-defense scan attacker ipv6 [ [ interface interface-type interface-number | local ] [ chassis chassis-number slot slot-number ] ] [ count ] |
Display information about IPv4 scanning attack victims (centralized devices in standalone mode). | display attack-defense scan victim ip [ interface interface-type interface-number | local ] [ count ] |
Display information about IPv4 scanning attack victims (distributed devices in standalone mode/centralized devices in IRF mode). | display attack-defense scan victim ip [ [ interface interface-type interface-number | local ] [ slot slot-number ] ] [ count ] |
Display information about IPv4 scanning attack victims (distributed devices in IRF mode). | display attack-defense scan victim ip [ [ interface interface-type interface-number | local ] [ chassis chassis-number slot slot-number ] ] [ count ] |
Display information about IPv6 scanning attack victims (centralized devices in standalone mode). | display attack-defense scan victim ipv6 [ interface interface-type interface-number | local ] [ count ] |
Display information about IPv6 scanning attack victims (distributed devices in standalone mode/centralized devices in IRF mode). | display attack-defense scan victim ipv6 [ [ interface interface-type interface-number | local ] [ slot slot-number ] ] [ count ] |
Display information about IPv6 scanning attack victims (distributed devices in IRF mode). | display attack-defense scan victim ipv6 [ [ interface interface-type interface-number | local ] [ chassis chassis-number slot slot-number ] ] [ count ] |
Display flood attack detection and prevention statistics for an IPv4 address (centralized devices in standalone mode). | display attack-defense { ack-flood | dns-flood | fin-flood | flood | http-flood | icmp-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } statistics ip [ ip-address [ vpn vpn-instance-name ] ] [ interface interface-type interface-number | local ] [ count ] |
Display flood attack detection and prevention statistics for an IPv4 address (distributed devices in standalone mode/centralized devices in IRF mode). | display attack-defense { ack-flood | dns-flood | fin-flood | flood | http-flood | icmp-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } statistics ip [ ip-address [ vpn vpn-instance-name ] ] [ count ] [ [ interface interface-type interface-number | local ] [ slot slot-number ] ] [ count ] |
Display flood attack detection and prevention statistics for an IPv4 address (distributed devices in IRF mode). | display attack-defense { ack-flood | dns-flood | fin-flood | flood | http-flood | icmp-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } statistics ip [ ip-address [ vpn vpn-instance-name ] ] [ [ interface interface-type interface-number | local ] [ chassis chassis-number slot slot-number ] ] [ count ] |
Display flood attack detection and prevention statistics for an IPv6 address (centralized devices in standalone mode). | display attack-defense { ack-flood | dns-flood | fin-flood | flood | http-flood | icmpv6-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } statistics ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ interface interface-type interface-number | local ] [ count ] |
Display flood attack detection and prevention statistics for an IPv6 address (distributed devices in standalone mode/centralized devices in IRF mode). | display attack-defense { ack-flood | dns-flood | fin-flood | flood | http-flood | icmpv6-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } statistics ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ [ interface interface-type interface-number | local ] [ slot slot-number ] ] [ count ] |
Display flood attack detection and prevention statistics for an IPv6 address (distributed devices in IRF mode). | display attack-defense { ack-flood | dns-flood | fin-flood | flood | http-flood | icmpv6-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } statistics ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ [ interface interface-type interface-number | local ] [ chassis chassis-number slot slot-number ] ] [ count ] |
Display information about IPv4 addresses protected by flood attack detection and prevention (centralized devices in standalone mode). | display attack-defense policy policy-name { ack-flood | dns-flood | fin-flood | flood | http-flood | icmp-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } ip [ ip-address [ vpn vpn-instance-name ] ] [ count ] |
Display information about IPv4 addresses protected by flood attack detection and prevention (distributed devices in standalone mode/centralized devices in IRF mode). | display attack-defense policy policy-name { ack-flood | dns-flood | fin-flood | flood | http-flood | icmp-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } ip [ ip-address [ vpn vpn-instance-name ] ] [ slot slot-number ] [ count ] |
Display information about IPv4 addresses protected by flood attack detection and prevention (distributed devices in IRF mode). | display attack-defense policy policy-name { ack-flood | dns-flood | fin-flood | flood | http-flood | icmp-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } ip [ ip-address [ vpn vpn-instance-name ] ] [ chassis chassis-number slot slot-number ] [ count ] |
Display information about IPv6 addresses protected by flood attack detection and prevention (centralized devices in standalone mode). | display attack-defense policy policy-name { ack-flood | dns-flood | fin-flood | flood | http-flood | icmpv6-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ count ] |
Display information about IPv6 addresses protected by flood attack detection and prevention (distributed devices in standalone mode/centralized devices in IRF mode). | display attack-defense policy policy-name { ack-flood | dns-flood | fin-flood | flood | http-flood | icmpv6-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ slot slot-number ] [ count ] |
Display information about IPv6 addresses protected by flood attack detection and prevention (distributed devices in IRF mode). | display attack-defense policy policy-name { ack-flood | dns-flood | fin-flood | flood | http-flood | icmpv6-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ chassis chassis-number slot slot-number ] [ count ] |
Display IPv4 blacklist entries (centralized devices in standalone mode). | display blacklist ip [ source-ip-address [ vpn-instance vpn-instance-name ] [ ds-lite-peer ds-lite-peer-address ] ] [ count ] |
Display IPv4 blacklist entries (distributed devices in standalone mode/centralized devices in IRF mode). | display blacklist ip [ source-ip-address [ vpn-instance vpn-instance-name ] [ ds-lite-peer ds-lite-peer-address ] ] [ slot slot-number ] [ count ] |
Display IPv4 blacklist entries (distributed devices in IRF mode). | display blacklist ip [ source-ip-address [ vpn-instance vpn-instance-name ] [ ds-lite-peer ds-lite-peer-address ] ] [ chassis chassis-number slot slot-number ] [ count ] |
Display IPv6 blacklist entries (centralized devices in standalone mode). | display blacklist ipv6 [ source-ipv6-address [ vpn-instance vpn-instance-name ] ] [ count ] |
Display IPv6 blacklist entries (distributed devices in standalone mode/centralized devices in IRF mode). | display blacklist ipv6 [ source-ipv6-address [ vpn-instance vpn-instance-name ] ] [ slot slot-number ] [ count ] |
Display IPv6 blacklist entries (distributed devices in IRF mode). | display blacklist ipv6 [ source-ipv6-address [ vpn-instance vpn-instance-name ] ] [ chassis chassis-number slot slot-number ] [ count ] |
Display protected IPv4 list entries for client verification (centralized devices in standalone mode). | display client-verify { dns | http | tcp } protected ip [ ip-address [ vpn vpn-instance-name ] ] [ port port-number ] [ count ] |
Display protected IPv4 addresses for client verification (distributed devices in standalone mode/centralized devices in IRF mode). | display client-verify { dns | http | tcp } protected ip [ ip-address [ vpn vpn-instance-name ] ] [ port port-number ] [ slot slot-number ] [ count ] |
Display protected IPv4 addresses for client verification (distributed devices in IRF mode). | display client-verify { dns | http | tcp } protected ip [ ip-address [ vpn vpn-instance-name ] ] [ port port-number ] [ chassis chassis-number slot slot-number ] [ count ] |
Display protected IPv6 addresses for client verification (centralized devices in standalone mode). | display client-verify { dns | http | tcp } protected ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ port port-number ] [ count ] |
Display protected IPv6 addresses for client verification (distributed devices in standalone mode/centralized devices in IRF mode). | display client-verify { dns | http | tcp } protected ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ port port-number ] [ slot slot-number ] [ count ] |
Display protected IPv6 addresses for client verification (distributed devices in IRF mode). | display client-verify { dns | http | tcp } protected ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ port port-number ] [ chassis chassis-number slot slot-number ] [ count ] |
Display trusted IPv4 addresses for client verification (centralized devices in standalone mode). | display client-verify { dns | http | tcp } trusted ip [ ip-address [ vpn vpn-instance-name ] ] [ count ] |
Display trusted IPv4 addresses for client verification (distributed devices in standalone mode/centralized devices in IRF mode). | display client-verify { dns | http | tcp } trusted ip [ ip-address [ vpn vpn-instance-name ] ] [ slot slot-number ] [ count ] |
Display trusted IPv4 addresses for client verification (distributed devices in IRF mode). | display client-verify { dns | http | tcp } trusted ip [ ip-address [ vpn vpn-instance-name ] ] [ chassis chassis-number slot slot-number ] [ count ] |
Display trusted IPv6 addresses for client verification (centralized devices in standalone mode). | display client-verify { dns | http | tcp } trusted ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ count ] |
Display trusted IPv6 addresses for client verification (distributed devices in standalone mode/centralized devices in IRF mode). | display client-verify { dns | http | tcp } trusted ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ slot slot-number ] [ count ] |
Display trusted IPv6 addresses for client verification (distributed devices in IRF mode). | display client-verify { dns | http | tcp } trusted ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ chassis chassis-number slot slot-number ] [ count ] |
Clear attack detection and prevention statistics for an interface. | reset attack-defense statistics interface interface-type interface-number |
Clear attack detection and prevention statistics for the device. | reset attack-defense statistics local |
Clear flood attack detection and prevention statistics. | reset attack-defense policy policy-name flood protected { ip | ipv6 } statistics |
Clear dynamic IPv4 blacklist entries. | reset blacklist ip { source-ip-address [ vpn-instance vpn-instance-name ] [ ds-lite-peer ds-lite-peer-address ] | all } |
Clear dynamic IPv6 blacklist entries. | reset blacklist ipv6 { source-ipv6-address [ vpn-instance vpn-instance-name ] | all } |
Clear blacklist statistics. | reset blacklist statistics |
Clear protected IP statistics for client verification. | reset client-verify { dns | http | tcp } protected { ip | ipv6 } statistics |
Clear the trusted IP list for client verification. | reset client-verify { dns | http | tcp } trusted { ip | ipv6 } |