< Home

SECE/4/STRACK_DENY

Message

SECE/4/STRACK_DENY: Some packets are dropped because an attack is detected. (Interface=[OCTET], SourceIP=[IPADDR])

SECE/4/STRACK_DENY: Some packets are dropped because an attack is detected. (Interface=[OCTET], SourceMAC=[OCTET])

SECE/4/STRACK_DENY: Some packets are dropped because an attack is detected. (Interface=[OCTET], CVLAN=[INTEGER], PVLAN=[INTEGER])

Description

The switch discards some packets because it detects an attack.

Parameters

Parameter Name Parameter Meaning

Interface

Indicates the interface that receives attack packets.

SourceMAC

Indicates the source MAC address of attack packets.

SourceIP

Indicates the source IP address of attack packets.

CVLAN

Indicates the inner VLAN ID of attack packets.

PVLAN

Indicates the outer VLAN ID of attack packets.

Possible Causes

The attack tracing module detects an attack, and the attack defense action is set to deny.

Procedure

  1. Check whether the discarded packets are sent from an authorized user.
  2. If the sender is an authorized user, run the auto-defend whitelist whitelist-num { acl acl_number | interface interface-type interface-number } command to add the user to the whitelist. Then packets sent from this user are not discarded.
  3. If the sender is an attacker, you do not need to perform any operation.
Parent Topic: SECE
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >