display auto-port-defend configuration
Function
The display auto-port-defend configuration command displays the configuration of port attack defense.
Example
# Display the configuration of port attack defense on the local device.
<HUAWEI> display auto-port-defend configuration -------------------------------------------------------------------------------- Name : test Related slot : <0> Auto-port-defend : enable Auto-port-defend sample : 5 Auto-port-defend aging-time : 300 second(s) Auto-port-defend arp-request threshold : 120 pps(enable) Auto-port-defend arp-request-uc threshold : 120 pps(enable) Auto-port-defend arp-reply threshold : 120 pps(enable) Auto-port-defend dhcp threshold : 120 pps(enable) Auto-port-defend icmp threshold : 120 pps(enable) Auto-port-defend igmp threshold : 120 pps(enable) Auto-port-defend ip-fragment threshold : 30 pps(enable) Auto-port-defend nd threshold : 120 pps(enable) Auto-port-defend alarm : disable --------------------------------------------------------------------------------
The preceding information is an example. The displayed information depends on the actual situation.
Item |
Description |
|---|---|
Name |
Name of an attack defense policy. |
Related slot |
ID of the stack to which the attack defense policy is applied. In a non-stack environment, this field indicates that the attack defense policy is applied to the local device. |
Auto-port-defend |
Whether port attack defense is enabled. To enable the port attack defense function, run the auto-port-defend enable command. |
Auto-port-defend sample |
Sampling ratio for protocol packets. To set this parameter, run the auto-port-defend sample command. |
Auto-port-defend aging-time |
Aging time for port attack defense. To set this parameter, run the auto-port-defend aging-time command. |
Auto-port-defend arp-request threshold |
Whether port attack defense is applied to ARP Request packets and rate threshold. To set this parameter, run the auto-port-defend protocol arp-request and auto-port-defend protocol arp-request threshold threshold commands. |
Auto-port-defend arp-request-uc threshold |
Whether port attack defense is applied to Unicast ARP Request packets and rate threshold. To set this parameter, run the auto-port-defend protocol arp-request-uc and auto-port-defend protocol arp-request-uc threshold threshold commands. |
Auto-port-defend arp-reply threshold |
Whether port attack defense is applied to ARP Reply packets and rate threshold. To set this parameter, run the auto-port-defend protocol arp-reply and auto-port-defend protocol arp-reply threshold threshold commands. |
Auto-port-defend dhcp threshold |
Whether port attack defense is applied to DHCP packets and rate threshold. To set this parameter, run the auto-port-defend protocol dhcp and auto-port-defend protocol dhcp threshold threshold commands. |
Auto-port-defend icmp threshold |
Whether port attack defense is applied to ICMP packets and rate threshold. To set this parameter, run the auto-port-defend protocol icmp and auto-port-defend protocol icmp threshold threshold commands. |
Auto-port-defend igmp threshold |
Whether port attack defense is applied to IGMP packets and rate threshold. To set this parameter, run the auto-port-defend protocol igmp and auto-port-defend protocol igmp threshold threshold commands. |
Auto-port-defend ip-fragment threshold |
Whether port attack defense is applied to IP fragments and rate threshold. To set this parameter, run the auto-port-defend protocol ip-fragment and auto-port-defend protocol ip-fragment threshold threshold commands. |
Auto-port-defend nd threshold |
Whether port attack defense is applied to ND packets and rate threshold. To set this parameter, run the auto-port-defend protocol nd and auto-port-defend protocol nd threshold threshold commands. |
Auto-port-defend alarm |
Whether the report of port attack defense events is enabled. To set this parameter, run the auto-port-defend alarm enable command. |