display attack-defense statistics local
Use display attack-defense statistics local to display attack detection and prevention statistics for the device.
Syntax
In standalone mode:
display attack-defense statistics local [ slot slot-number ]
display attack-defense statistics local [ chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays attack detection and prevention statistics for all cards. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command displays attack detection and prevention statistics for all cards. (In IRF mode.)
Examples
# (In standalone mode.) Display attack detection and prevention statistics for the device.
<Sysname> display attack-defense statistics local Attack policy name: abc Slot 1: Scan attack defense statistics: AttackType AttackTimes Dropped Port scan 2 23 IP sweep 3 33 Distribute port scan 1 10 Flood attack defense statistics: AttackType AttackTimes Dropped SYN flood 1 0 ACK flood 1 0 SYN-ACK flood 3 5000 RST flood 2 0 FIN flood 2 0 UDP flood 1 0 ICMP flood 1 0 ICMPv6 flood 1 0 DNS flood 1 0 HTTP flood 1 0 Signature attack defense statistics: AttackType AttackTimes Dropped IP option record route 1 100 IP option security 2 0 IP option stream ID 3 0 IP option internet timestamp 4 1 IP option loose source routing 5 0 IP option strict source routing 6 0 IP option route alert 3 0 Fragment 1 0 Impossible 1 1 Teardrop 1 1 Tiny fragment 1 0 IP options abnormal 3 0 Smurf 1 0 Ping of death 1 0 Traceroute 1 0 Large ICMP 1 0 TCP NULL flag 1 0 TCP all flags 1 0 TCP SYN-FIN flags 1 0 TCP FIN only flag 1 0 TCP invalid flag 1 0 TCP Land 1 0 Winnuke 1 0 UDP Bomb 1 0 Snork 1 0 Fraggle 1 0 Large ICMPv6 1 0 ICMP echo request 1 0 ICMP echo reply 1 0 ICMP source quench 1 0 ICMP destination unreachable 1 0 ICMP redirect 2 0 ICMP time exceeded 3 0 ICMP parameter problem 4 0 ICMP timestamp request 5 0 ICMP timestamp reply 6 0 ICMP information request 7 0 ICMP information reply 4 0 ICMP address mask request 2 0 ICMP address mask reply 1 0 ICMPv6 echo request 1 1 ICMPv6 echo reply 1 1 ICMPv6 group membership query 1 0 ICMPv6 group membership report 1 0 ICMPv6 group membership reduction 1 0 ICMPv6 destination unreachable 1 0 ICMPv6 time exceeded 1 0 ICMPv6 parameter problem 1 0 ICMPv6 packet too big 1 0 Slot 2: Scan attack defense statistics: AttackType AttackTimes Dropped Port scan 4 46 IP sweep 2 28 Distribute port scan 1 10 Flood attack defense statistics: AttackType AttackTimes Dropped SYN flood 1 0 ACK flood 1 0 SYN-ACK flood 2 4200 RST flood 2 0 FIN flood 2 20 UDP flood 1 0 ICMP flood 1 0 ICMPv6 flood 1 0 DNS flood 1 0 HTTP flood 1 0 Signature attack defense statistics: AttackType AttackTimes Dropped IP option record route 2 230 IP option security 2 0 IP option stream ID 3 0 IP option internet timestamp 4 1 IP option loose source routing 5 0 IP option strict source routing 2 0 IP option route alert 3 12 Fragment 1 0 Impossible 1 1 Teardrop 1 1 Tiny fragment 1 0 IP options abnormal 3 0 Smurf 1 0 Ping of death 1 0 Traceroute 1 0 Large ICMP 1 0 TCP NULL flag 1 0 TCP all flags 1 0 TCP SYN-FIN flags 1 0 TCP FIN only flag 1 0 TCP invalid flag 1 0 TCP Land 1 0 Winnuke 1 0 UDP Bomb 1 0 Snork 1 0 Fraggle 1 0 Large ICMPv6 1 0 ICMP echo request 1 0 ICMP echo reply 1 0 ICMP source quench 1 0 ICMP destination unreachable 1 0 ICMP redirect 2 3 ICMP time exceeded 3 0 ICMP parameter problem 4 0 ICMP timestamp request 5 0 ICMP timestamp reply 6 0 ICMP information request 7 0 ICMP information reply 4 0 ICMP address mask request 2 0 ICMP address mask reply 1 0 ICMPv6 echo request 1 1 ICMPv6 echo reply 1 1 ICMPv6 group membership query 1 0 ICMPv6 group membership report 1 0 ICMPv6 group membership reduction 1 0 ICMPv6 destination unreachable 1 0 ICMPv6 time exceeded 1 0 ICMPv6 parameter problem 1 0 ICMPv6 packet too big 1 0
Table 79: Command output
Field | Description |
---|---|
AttackType | Type of the attack. |
AttackTimes | Number of times that the attack occurred. This command output displays only attacks that are detected. |
Dropped | Number of dropped packets. |
ICMPv6 flood | ICMPv6 flood attack. This field is not displayed when no ICMPv6 flood attack is detected. |
Large ICMPv6 | Large ICMPv6 attack. This field is not displayed when no large ICMPv6 attack is detected. |
ICMPv6 echo request | ICMPv6 echo request attack. This field is not displayed when no ICMPv6 echo request attack is detected. |
ICMPv6 echo reply | ICMPv6 echo reply attack. This field is not displayed when no ICMPv6 echo reply attack is detected. |
ICMPv6 group membership query | ICMPv6 group membership query attack. This field is not displayed when no ICMPv6 group membership query attack is detected. |
ICMPv6 group membership report | ICMPv6 group membership report attack. This field is not displayed when no ICMPv6 group membership report attack is detected. |
ICMPv6 group membership reduction | ICMPv6 group membership reduction attack. This field is not displayed when no ICMPv6 group membership reduction attack is detected. |
ICMPv6 destination unreachable | ICMPv6 destination unreachable attack. This field is not displayed when no ICMPv6 destination unreachable attack is detected. |
ICMPv6 time exceeded | ICMPv6 time exceeded attack. This field is not displayed when no ICMPv6 time exceeded attack is detected. |
ICMPv6 parameter problem | ICMPv6 parameter problem attack. This field is not displayed when no ICMPv6 parameter problem attack is detected. |
ICMPv6 packet too big | ICMPv6 packet too big attack. This field is not displayed when no ICMPv6 packet too big attack is detected. |
Related commands
reset attack-defense statistics local