display auto-defend attack-source [ history [ begin begin-date begin-time ] [ slot slot-id ] | [ slot slot-id ] [ detail ] ]
Parameter |
Description |
Value |
|---|---|---|
history |
Displays the history attack source information. If history is not specified, all existing attack source information is displayed. |
- |
begin begin-date begin-time |
Specifies the start time. |
begin-date is in the format YYYY/MM/DD. begin-time is in the format HH:MM:SS. The value of YYYY/MM/DD ranges from 2000/1/1 to 2099/12/31. The value of HH:MM:SS ranges from 00:00:00 to 23:59:59. |
slot slot-id |
|
The value must be set according to the device configuration. |
detail |
Displays detailed information about the attack sources, including the type of attack packets. If detail is not specified, brief information about the attack sources is displayed. |
- |
The display auto-defend attack-source command displays the attack sources.
In a stack, the attack source list can be saved on each member switch. The display auto-defend attack-source slot slot-id command displays the attack source list on the specified member switch.
# Display the attack source list.
<HUAWEI> display auto-defend attack-source Attack Source User Table (slot 0): ----------------------------------------------------------------------------- MacAddress InterfaceName Vlan:Outer/Inner TotalPackets ----------------------------------------------------------------------------- 0000-c103-0102 GigabitEthernet0/0/1 100 1395 ----------------------------------------------------------------------------- Total: 1 Attack Source Port Table (slot 0): ------------------------------------------------------------ InterfaceName Vlan:Outer/Inner TotalPackets ------------------------------------------------------------ GigabitEthernet0/0/1 100 605 ------------------------------------------------------------ Total: 1 Attack Source IP Table (slot 0): ---------------------------------------------------------------------- IPAddress TotalPackets ---------------------------------------------------------------------- 2:2:2:2:2:2:2:2 1395 ---------------------------------------------------------------------- Total: 1
# Display detailed information about the attack source list.
<HUAWEI> display auto-defend attack-source detail Attack Source User Table (slot 0): ---------------------------------------------------- MAC Address 0000-c103-0102 Interface GigabitEthernet0/0/1 VLAN: Outer/Inner 100 ARP: 1580 Total 1580 ---------------------------------------------------- Total: 1 Attack Source Port Table (slot 0): ---------------------------------------------------- Interface GigabitEthernet0/0/1 VLAN: Outer/Inner 100 ARP: 790 Total 790 ---------------------------------------------------- Total: 1 Attack Source IP Table (slot 0): --------------------------------------------------------------------------- IP address 2:2:2:2:2:2:2:2 ARP: 1580 Total 1580 --------------------------------------------------------------------------- Total: 1
Item |
Description |
|---|---|
Attack Source User Table (slot 0) |
Source tracing information of device, which is distinguished according to the attack user. |
Attack Source Port Table (slot 0) |
Source tracing information of device, which is distinguished according to the attacked interface. NOTE:
The device does not support attack source tracing based on source interfaces and VLANs for Layer 3 Ethernet interfaces. Therefore, this field does not contain the attack source tracing information of Layer 3 Ethernet interfaces. |
Attack Source IP Table (slot 0) |
Source tracing information of device, which is distinguished according to the attacked interface. |
IPAddress |
User IP address. |
MacAddress |
MAC address of the user. |
InterfaceName |
Name of the interface that initiates the attack. |
Interface |
Name of the interface that initiates the attack. |
Vlan:Outer/Inner |
ID of the VLAN that an interface belongs to. Outer indicates the outer VLAN ID and Inner indicates the inner VLAN ID. NOTE:
This field displays - for the attack source tracing entries of Layer 3 Ethernet interfaces. |
TotalPackets |
Total number of packets received by the device. |
<HUAWEI> display auto-defend attack-source history S : start time E : end time Attack History User Table (slot 0): ------------------------------------------------------------------------------ AttackTime MacAddress IFName Vlan:O/I Protocol PPS ------------------------------------------------------------------------------ S:2016-09-08 07:36:15 0000-c103-0102 GE0/0/1 100 ARP 40 E:- ------------------------------------------------------------------------------ Total: 1 Attack History Port Table (slot 0): --------------------------------------------------------------- AttackTime IFName Vlan:O/I Protocol PPS --------------------------------------------------------------- S:2016-09-08 07:36:37 GE0/0/1 100 ARP 40 E:- --------------------------------------------------------------- Total: 1 Attack History IP Table (slot 0): ---------------------------------------------------------------------------- AttackTime IPAddress Protocol PPS ---------------------------------------------------------------------------- S:2016-09-08 07:36:15 2:2:2:2:2:2:2:2 ARP E:- 40 ---------------------------------------------------------------------------- Total: 1
Item |
Description |
|---|---|
Attack History User Table (slot 0) |
Information about attack sources on the device, which is distinguished according to attackers. |
Attack History Port Table (slot 0) |
Information about attack sources on the device, which is distinguished according to attacked interfaces. |
Attack History IP Table (slot 0) |
Information about attack sources on the device, which is distinguished according to attacked source IP addresses. |
AttackTime |
Attack time.
|
MacAddress |
User MAC address. |
IPAddress |
User IP address. |
IFName |
Name of the interface that initiates the attack. |
Vlan:O/I |
ID of the VLAN that an interface belongs to. The value O indicates the outer VLAN ID and the value I indicates the inner VLAN ID. |
Protocol |
Attack type. |
PPS |
Highest rate of attack packets. |