< Home

display service-security statistics

Function

The display service-security statistics command displays statistics about matched rules in MPAC policies.

Format

display service-security statistics { ipv4 | ipv6 } [ security-policy-name ]

Parameters

Parameter Description Value
ipv4 Displays statistics about matched rules in IPv4 MPAC policy. -
ipv6 Displays statistics about matched rules in IPv6 MPAC policy. -
security-policy-name Indicates the name of an MPAC policy. The value is a string of 1 to 31 case-sensitive characters without spaces. It must start with a letter.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

An MPAC policy protects device security by controlling the packets destined for the CPUs.

The display service-security statistics command displays MPAC policy information and how many times MPAC rules are matched.

Example

# Display statistics about matched rules in all IPv4 MPAC policies.

<HUAWEI> display service-security statistics ipv4
Policy Name : A1
Step        : 5

Policy Name : beijing
Description : mpac policy for ipv4    
Step        : 2
 rule 2 permit protocol any (0 times matched)
 rule 4 deny protocol any (0 times matched)
 rule 6 permit protocol bgp source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (1 times matched)
 rule 12 permit protocol ftp source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0 times matched)
 rule 14 permit protocol ip source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0 times matched)
 rule 16 permit protocol ldp source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0 times matched)
 rule 20 permit protocol ntp source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0 times matched)
 rule 22 permit protocol ospf source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0times matched)
 rule 24 permit protocol rip source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0 times matched)
 rule 26 permit protocol rsvp source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0times matched)
 rule 28 permit protocol snmp source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0times matched)
 rule 30 permit protocol ssh source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0 times matched)
 rule 32 permit protocol tcp source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0 times matched)
 rule 34 permit protocol telnet source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0 times matched)
 rule 36 permit protocol tftp source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0times matched)
 rule 38 permit protocol udp source-ip 10.1.1.1 0 destination-ip 10.1.1.2 0 (0 times matched)

Policy Name : huawei
Step        : 5
 rule 5 permit protocol tcp source-ip 127.1.1.1 0 source-port 1000 (10 times matched)
 rule 10 permit protocol ip source-ip 10.10.1.0 0.0.0.255 (1 times matched)

# Display statistics about matched rules in the IPv4 MPAC policy named huawei.

<HUAWEI> display service-security statistics ipv4 huawei
Policy Name : huawei
Step        : 5
 rule 5 permit protocol tcp source-ip 127.1.1.1 0 source-port 1000 (10 times matched)
 rule 10 permit protocol ip source-ip 10.10.1.0 0.0.0.255 (1 times matched)
Table 1 Description of the display service-security statistics command output

Item

Description

Policy Name

Name of an MPAC policy.

Description

Description of an MPAC policy.

Step

Step between two MPAC rule IDs.

rule

MPAC rules.

(0 times matched)

Number of times the MPAC rules are matched.
Parent Topic: MPAC Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >