display deception port-redirect

Function

The display deception port-redirect command displays information about deceived traffic due to the scanning of unopened TCP ports.

Format

display deception port-redirect [ source-ip ip-address ] [ destination-ip ip-address ] [ destination-port port ]

Parameters

Parameter	Description	Value
source-ip ip-address	Specifies the source IP address of the deceived traffic.	The value is in dotted decimal notation.
destination-ip ip-address	Specifies the destination IP address of the deceived traffic.	The value is in dotted decimal notation.
destination-port port	Specifies the destination port of the deceived traffic.	The value is an integer in the range from 1 to 65535.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

If it is found that deceived traffic is normal service traffic, run the reset deception port-redirect command to delete the corresponding entry from the deception flow table to release the traffic.

Example

# Display information about deceived traffic due to the scanning of unopened TCP ports.

<HUAWEI> display deception port-redirect
---------------------------------------------------------------------------------------------------                                 
Current total number = 0                                                                                                            
                                                                                                                                    
---------------------------------------------------------------------------------------------------                                 
source          destination     port   out-vlan vpn-instance  packets  left-time(s)                                                 
---------------------------------------------------------------------------------------------------

**Table 1** Description of the **display deception port-redirect** command output
Item	Description
Current total number	Number of entries.
source	Source IP address of the deceived traffic.
destination	Destination IP address of the deceived traffic.
port	Destination TCP port of the deceived traffic.
out-vlan	VLAN of the deceived traffic.
vpn-instance	VPN instance of the deceived traffic.
packets	Number of the deceived packets
left-time(s)	Remaining time before an entry ages, in seconds. The aging time is 10 minutes. If no traffic matches the entry within the aging time, the entry is deleted. If traffic matches the entry within the aging time, the aging time is updated.