This section provides a sample of configuring a whitelist for attack source tracing using the edit-config method.
Operation |
XPATH |
|---|---|
edit-config |
|
Item |
Data |
Description |
|---|---|---|
Name of the attack defense policy |
test |
The name of the attack defense policy is test. |
Whether attack source tracing is enabled |
true |
Attack source tracing is enabled. |
Whitelist ID |
5 |
The whitelist ID for attack source tracing is 5. |
Number of the ACL applied to the whitelist for attack source tracing |
3001 |
ACL 3001 is applied to the whitelist for attack source tracing. |
Request Example
<?xml version='1.0' encoding='UTF-8'?>
<rpc message-id="8" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config>
<target>
<running/>
</target>
<config>
<hw-traffic:defend xmlns:hw-traffic="urn:huawei:params:xml:ns:yang:huawei-traffic">
<hw-traffic:policy>
<hw-traffic:policy-list>
<hw-traffic:name>test</hw-traffic:name>
<hw-traffic:auto-defend>
<hw-traffic:enable>true</hw-traffic:enable>
<hw-traffic:whitelist>
<hw-traffic:whitelist-id-list>
<hw-traffic:whitelist-id>5</hw-traffic:whitelist-id>
<hw-traffic:acl>3001</hw-traffic:acl>
</hw-traffic:whitelist-id-list>
</hw-traffic:whitelist>
</hw-traffic:auto-defend>
</hw-traffic:policy-list>
</hw-traffic:policy>
</hw-traffic:defend>
</config>
</edit-config>
</rpc>
Response Example
Sample of successful response
<?xml version='1.0' encoding='UTF-8'?> <rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="3"> <ok/> </rpc-reply>
Sample of failed response
<?xml version='1.0' encoding='UTF-8'?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="7">
<rpc-error>
<error-type>application</error-type>
<error-tag>operation-failed</error-tag>
<error-severity>error</error-severity>
<error-message>parse rpc config error.</error-message>
</rpc-error>
</rpc-reply>
Item |
Data |
Description |
|---|---|---|
Query attack source information |
0 |
Query attack source information of the slot 0. |
Query source tracing information |
0 |
Query source tracing information of interfaces in the slot 0. |
Request Example
<?xml version="1.0" encoding="UTF-8"?>
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1e50634f-2b46-11e8-8554-e04c4a198245">
<hw-traffic:attack-user xmlns:hw-traffic="urn:huawei:params:xml:ns:yang:huawei-traffic">
<hw-traffic:slot>0</hw-traffic:slot>
</hw-traffic:attack-user>
</rpc>
Response Example
Sample of successful response
<?xml version='1.0' encoding='UTF-8'?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1e50634f-2b46-11e8-8554-e04c4a198245">
<result>
<attack-user>
<user>
<trace-type>mac</trace-type>
</user>
<user>
<trace-type>ip</trace-type>
</user>
</attack-user>
</result>
</rpc-reply>
Sample of failed response
<?xml version='1.0' encoding='UTF-8'?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="4c26fa70-2b49-11e8-a720-e04c4a198245">
<rpc-error xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<error-type>application</error-type>
<error-tag>operation-failed</error-tag>
<error-severity>error</error-severity>
<error-app-tag>1</error-app-tag>
<error-path/>
<error-message>The configuration/operation does not support.</error-message>
</rpc-error>
</rpc-reply>