display ma-defend interface-policy
Function
The display ma-defend interface-policy command displays information about interface-based policy for management and service plane protection.
Usage Guidelines
Usage Scenario
To help the device defend against attacks or unauthorized logins initiated by sending protocol packets, management and service plane protection is used to prevent packets of a specified protocol or all protocols from being sent to the CPU. Using management and service plane protection improves device security and reliability and ensures normal network operation.
To verify management and service plane protection or troubleshoot faults, run the display ma-defend interface-policy command to view information about interface-based policy.Precautions
In VS mode, this command is supported only by the admin VS.
Example
The actual command output varies according to the device. The command output here is only an example.
<HUAWEI> display ma-defend interface-policy 1
MA-defend policy type: interface-policy
----------------------------------------------------
The interface-policy is enabled
--------------------------------------------------
protocol rule
--------------------------------------------------
FTP deny
BGP permit
----------------------------------------------------
| Item | Description |
|---|---|
| MA-defend policy type | Type of policy for management and service plane protection:
|
| protocol | Protocol name, which was defined in the protocol command. |
| rule | Rule defined in a policy:
|