Displaying and maintaining attack detection and prevention
Use the display commands in any view and the reset commands in user view.
To display and maintain attack detection and prevention:
Task | Command |
---|---|
(In standalone mode.) Display attack detection and prevention statistics on an interface. | display attack-defense statistics interface interface-type interface-number [ slot slot-number ] |
(In IRF mode.) Display attack detection and prevention statistics on an interface. | display attack-defense statistics interface interface-type interface-number [ chassis chassis-number slot slot-number ] |
(In standalone mode.) Display attack detection and prevention statistics for the device. | display attack-defense statistics local [ slot slot-number ] |
(In IRF mode.) Display attack detection and prevention statistics for the device. | display attack-defense statistics local [ chassis chassis-number slot slot-number ] |
Display attack defense policy configuration. | display attack-defense policy [ policy-name ] |
(In standalone mode.) Display information about IPv4 scanning attackers. | display attack-defense scan attacker ip [ interface interface-type interface-number [ slot slot-number ] | local [ slot slot-number ] ] [ count ] |
(In IRF mode.) Display information about IPv4 scanning attackers. | display attack-defense scan attacker ip [ interface interface-type interface-number [ chassis chassis-number slot slot-number ] | local [ chassis chassis-number slot slot-number ] ] [ count ] |
(In standalone mode.) Display information about IPv6 scanning attackers. | display attack-defense scan attacker ipv6 [ interface interface-type interface-number [ slot slot-number ] | local [ slot slot-number ] ] [ count ] |
(In IRF mode.) Display information about IPv6 scanning attackers. | display attack-defense scan attacker ipv6 [ interface interface-type interface-number [ chassis chassis-number slot slot-number ] | local [ chassis chassis-number slot slot-number ] ] [ count ] |
(In standalone mode.) Display information about IPv4 scanning attack victims. | display attack-defense scan victim ip [ interface interface-type interface-number [ slot slot-number ] | local [ slot slot-number ] ] [ count ] |
(In IRF mode.) Display information about IPv4 scanning attack victims. | display attack-defense scan victim ip [ interface interface-type interface-number [ chassis chassis-number slot slot-number ] | local [ chassis chassis-number slot slot-number ] ] [ count ] |
(In standalone mode.) Display information about IPv6 scanning attack victims. | display attack-defense scan victim ipv6 [ interface interface-type interface-number [ slot slot-number ] | local [ slot slot-number ] ] [ count ] |
(In IRF mode.) Display information about IPv6 scanning attack victims. | display attack-defense scan victim ipv6 [ interface interface-type interface-number [ chassis chassis-number slot slot-number ] | local [ chassis chassis-number slot slot-number ] ] [ count ] |
(In standalone mode.) Display flood attack detection and prevention statistics for an IPv4 address. | display attack-defense { ack-flood | dns-flood | fin-flood | flood | http-flood | icmp-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } statistics ip [ ip-address [ vpn vpn-instance-name ] ] [ interface interface-type interface-number [ slot slot-number ] | local [ slot slot-number ] ] [ count ] |
(In IRF mode.) Display flood attack detection and prevention statistics for an IPv4 address. | display attack-defense { ack-flood | dns-flood | fin-flood | flood | http-flood | icmp-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } statistics ip [ ip-address [ vpn vpn-instance-name ] ] [ interface interface-type interface-number [ chassis chassis-number slot slot-number ] | local [ chassis chassis-number slot slot-number ] ] [ count ] |
(In standalone mode.) Display flood attack detection and prevention statistics for an IPv6 address. | display attack-defense { ack-flood | dns-flood | fin-flood | flood | http-flood | icmpv6-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } statistics ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ interface interface-type interface-number [ slot slot-number ] | local [ slot slot-number ] ] [ count ] |
(In IRF mode.) Display flood attack detection and prevention statistics for an IPv6 address. | display attack-defense { ack-flood | dns-flood | fin-flood | flood | http-flood | icmpv6-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } statistics ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ interface interface-type interface-number [ chassis chassis-number slot slot-number ] | local [ chassis chassis-number slot slot-number ] ] [ count ] |
(In standalone mode.) Display information about IPv4 addresses protected by flood attack detection and prevention. | display attack-defense policy policy-name { ack-flood | dns-flood | fin-flood | flood | http-flood | icmp-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } ip [ ip-address [ vpn vpn-instance-name ] ] [ slot slot-number ] [ count ] |
(In IRF mode.) Display information about IPv4 addresses protected by flood attack detection and prevention. | display attack-defense policy policy-name { ack-flood | dns-flood | fin-flood | flood | http-flood | icmp-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } ip [ ip-address [ vpn vpn-instance-name ] ] [ chassis chassis-number slot slot-number ] [ count ] |
(In standalone mode.) Display information about IPv6 addresses protected by flood attack detection and prevention. | display attack-defense policy policy-name { ack-flood | dns-flood | fin-flood | flood | http-flood | icmpv6-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ slot slot-number ] [ count ] |
(In IRF mode.) Display information about IPv6 addresses protected by flood attack detection and prevention. | display attack-defense policy policy-name { ack-flood | dns-flood | fin-flood | flood | http-flood | icmpv6-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ chassis chassis-number slot slot-number ] [ count ] |
Display IPv4 blacklist entries. | display blacklist ip [ source-ip-address [ vpn-instance vpn-instance-name ] ] [ count ] |
Display IPv6 blacklist entries. | display blacklist ipv6 [ source-ipv6-address [ vpn-instance vpn-instance-name ] ] [ count ] |
Clear attack detection and prevention statistics for an interface. | reset attack-defense statistics interface interface-type interface-number |
Clear attack detection and prevention statistics for the device. | reset attack-defense statistics local |
Clear flood attack detection and prevention statistics. | reset attack-defense policy policy-name flood protected { ip | ipv6 } statistics |
Clear dynamic IPv4 blacklist entries. | reset blacklist ip { source-ip-address [ vpn-instance vpn-instance-name ] | all } |
Clear dynamic IPv6 blacklist entries. | reset blacklist ipv6 { source-ipv6-address [ vpn-instance vpn-instance-name ] | all } |
Clear blacklist statistics. | reset blacklist statistics |