| Parameter | Description | Value |
|---|---|---|
| source ip-address | Specifies the source IP address in an ACI entry. |
The value is in dotted decimal notation. |
The DecoySensor parses DNS reply packets and establishes mappings between the source addresses of DNS request packets and the IP addresses corresponding to the domain names in DNS reply packets (that is, the ACI table). Subsequent TCP SYN packets and ICMP ping packets will match the ACI table. Traffic that fails to match the table is deceived to the Decoy for in-depth interactive detection.
If the number of current entries approaches the upper limit, run the deception aci timeout command to set a shorter aging time for ACI entries.
# Display the ACI table.
<HUAWEI> display deception aci ------------------------------------------------------------------------------------------------------- Current total number = 1 ------------------------------------------------------------------------------------------------------- source destnation time vpn-instance ------------------------------------------------------------------------------------------------------- 192.168.1.1 172.16.2.1 192 public
Item |
Description |
|---|---|
source |
Source IP address initiating a DNS request |
destnation |
IP address corresponding to the domain name in the DNS reply packet |
time |
Remaining lifetime of the entry |
vpn-instance |
VPN instance to which the source IP address belongs |