| Parameter | Description | Value |
|---|---|---|
| slot slot-id | Specifies a slot ID. |
The value must be set according to the device configuration. |
When a detected network segment, bait network segment, or deception whitelist is configured, a configuration flow table is generated. If the preceding configuration is changed, the switch checks whether the deceived traffic meets the conditions of configuration flow tables and determines whether to lure the traffic to the Decoy.
# Display the configuration flow table.
<HUAWEI> display deception config-flow Slot: 0 ------------------------------------------------------------------------------------------------------- CFG Flow ID 1 information: ------------------------------------------------------------------------------------------------------- Priority :0 Action :1 Causeid :16384 Vpn-instance : Source IP :10.10.11.11/255.255.255.255 ------------------------------------------------------------------------------------------------------- CFG Flow ID 2 information: ------------------------------------------------------------------------------------------------------- Priority :1 Action :4 Causeid :4096 Vpn-instance : Destination IP :192.168.1.0/255.255.255.240 ------------------------------------------------------------------------------------------------------- CFG Flow ID 3 information: ------------------------------------------------------------------------------------------------------- Priority :3 Action :8 Causeid :1 Vpn-instance : Destination IP :10.10.10.0/255.255.255.0 ------------------------------------------------------------------------------------------------------- CFG Flow ID 4 information: ------------------------------------------------------------------------------------------------------- Priority :3 Action :8 Causeid :1 Vpn-instance : Source IP :10.10.10.0/255.255.255.0 ------------------------------------------------------------------------------------------------------- CFG Flow ID 5 information: ------------------------------------------------------------------------------------------------------- Priority :3 Action :8 Causeid :1 Vpn-instance : Destination IP :192.168.1.0/255.255.255.0 ------------------------------------------------------------------------------------------------------- CFG Flow ID 6 information: ------------------------------------------------------------------------------------------------------- Priority :3 Action :8 Causeid :1 Vpn-instance : Source IP :192.168.1.0/255.255.255.0 ------------------------------------------------------------------------------------------------------- CFG Flow ID 7 information: ------------------------------------------------------------------------------------------------------- Priority :0 Action :1 Causeid :16384 Vpn-instance : Destination IP :10.10.10.22/255.255.255.255
| Item | Description |
|---|---|
| Slot | Slot ID. |
CFG Flow ID n information |
Information about configuration flow table n. |
Priority |
Priority of the configuration flow entry. The value is in the range from 0 to 10, and a smaller value indicates a higher priority. If a flow matches multiple configuration flow entries, the configuration flow entry with the highest priority takes effect. |
Action |
Action taken on the packets matching the configuration flow entry:
|
Causeid |
Type of packets. The value in 2i, in which i can be as follows:
|
Vpn-instance |
VPN instance. |
Destination IP |
Destination IP address of traffic. |
Destination Port |
Destination TCP port number of traffic. |
Source IP |
Source IP address of traffic. |