display attack-source-trace file brief

Function

The display attack-source-trace file brief command displays brief information about attack source tracing in a specified file.

Format

display attack-source-trace file filename brief [ { source source-ip source-ip-mask } | { destination dest-ip dest-ip-mask } | { source-port source-port-num } | { destination-port dest-port-num } | { protocol-number protocol-num } | { time-range from begin-time [ to end-time ] } | { source-ipv6 source-ipv6-address source-ipv6-prefixlen } | { destination-ipv6 destination-ipv6-address destination-ipv6-prefixlen } | { next-header next-header } ] *

Parameters

Parameter Description Value
filename

Specifies the name of a file.

The value is a string of 1 to 128 case-sensitive characters, spaces not supported.
source source-ip

Displays brief information about attack source tracing based on the source IP address.

source-ip is an IPv4 address in dotted decimal notation (X.X.X.X), for example, 10.1.1.1.
source-ip-mask

Displays brief information about attack source tracing based on the source IP address subnet mask.

source-ip-mask is an IPv4 subnet mask in dotted decimal notation (X.X.X.X), for example, 255.255.255.0.
destination dest-ip

Displays brief information about attack source tracing based on the destination IP address.

dest-ip is an IPv4 address in dotted decimal notation (X.X.X.X), for example, 10.1.1.1.
dest-ip-mask

Displays brief information about attack source tracing based on the destination IP address subnet mask.

dest-ip-mask is an IPv4 subnet mask in dotted decimal notation (X.X.X.X), for example, 255.255.255.0.
source-port source-port-num

Displays brief information about attack source tracing based on the source port number.

The value is an integer ranging from 0 to 65535.
destination-port dest-port-num

Displays brief information about attack source tracing based on the destination port number.

The value is an integer ranging from 0 to 65535.
protocol-number protocol-num

Displays brief information about attack source tracing based on the protocol number.

The value is an integer ranging from 0 to 255.
time-range

Sorted by time segment.

-
from begin-time

Display brief information about attack source tracing based on the start time of a time range.

The value is in the format of YYYY/MM/DD,HH:MM:SS. YYYY-MM-DD indicates the year/month/day. The value of YYYY ranges from 1970 to 9999; the value of MM ranges from 1 to 12; the value of DD ranges from 1 to 31. HH:MM:SS indicates the hour:minute:second. The value of HH ranges from 0 to 23; the value of MM and SS ranges from 0 to 59.
to end-time

Display brief information about attack source tracing based on the end time of a time range.

The value is in the format of YYYY/MM/DD,HH:MM:SS. YYYY-MM-DD indicates the year/month/day. The value of YYYY ranges from 1970 to 9999; the value of MM ranges from 1 to 12; the value of DD ranges from 1 to 31. HH:MM:SS indicates the hour:minute:second. The value of HH ranges from 0 to 23; the value of MM and SS ranges from 0 to 59.
source-ipv6 source-ipv6-address

Specifies a source IPv6 address.

The value is a 32-digit hexadecimal number, in the IPv6 address format of X:X:X:X:X:X:X:X.
source-ipv6-prefixlen

Specifies a source IPv6 address's prefix length.

The IPv6 prefix length is an integer ranging from 1 to 128.
destination-ipv6 destination-ipv6-address

Specifies a destination IPv6 address.

The value is a 32-digit hexadecimal number, in the IPv6 address format of X:X:X:X:X:X:X:X.
destination-ipv6-prefixlen

Specifies a destination IPv6 address's prefix length.

The IPv6 prefix length is an integer ranging from 1 to 128.
next-header next-header

Specifies an IPv6 protocol number.

The value is an integer ranging from 0 to 255.

Views

All views

Default Level

1: Monitoring level

Task Name and Operations

Task Name Operations
cpu-defend read

Usage Guidelines

Usage Scenario

To display brief information about attack source tracing, the display attack-source-trace file brief command can be used. The display can be based on the source IP address and its subnet mask, destination IP address and its subnet mask, source port number, destination port number, protocol number, or time range.

Example

The actual command output varies according to the device. The command output here is only an example.

# Display brief information about attack source tracing in the file named sun.cap in IPv6 scenarios.
<HUAWEI> display attack-source-trace file sun.cap brief
No 1 Packet Info:         
 PeVlanid         : 0   
 CeVlanid         : 0  
 Source IPv6      : 2001:db8:1::1  
 Dest IPv6        : 2001:db8:2::1  
 Protocol Num     : 89 
 Attack Pack Time : 2017-07-13 15:10:13
 Attack Trace Data:  
ff ff ff ff ff ff 00 00 50 01 03 63 08 00 45 00
00 72 00 00 00 00 40 59 65 79 50 01 03 63 c0 55 
01 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
ff ff ff ff ff ff 00 00 50 01 03 63 08 00 45 00 
00 72 00 00 00 00 40 59 65 79 50 01 03 63 c0 55
 ----------------------------------
# Display brief information about the attack source tracing in the file named sun.cap in IPv4 scenarios.
<HUAWEI> display attack-source-trace file sun.cap brief
No 1 Packet Info:
 PeVlanId         : 0
 CeVlanId         : 0
 Source Ip        : 10.1.1.1
 Dest Ip          : 10.1.1.2
 Protocol Num     : 6
 Attack Pack Time : 2000-01-02 07:11:30
 Attack Trace Data: 
28 6e d4 50 e8 06 78 1d ba 57 0a 85 08 00 45 00 
00 28 b1 6e 40 00 7f 06 7c 50 81 01 75 06 81 01 
57 08 04 cd 00 17 20 54 22 6f 4d aa 00 e0 50 10 
3c c0 0e d2 00 00 00 00 00 00 00 00 00 00 00 00 
 ----------------------------------
 No 2 Packet Info:
 PeVlanId         : 0
 CeVlanId         : 0
 Source Ip        : 10.10.10.10
 Dest Ip          : 255.255.255.255
 Protocol Num     : 17
 Attack Pack Time : 2000-01-02 07:11:30
 Attack Trace Data: 
ff ff ff ff ff ff 00 e0 4c 90 2a 86 08 00 45 00 
00 64 d3 5c 00 00 80 11 54 a7 0a 6b 08 1b ff ff 
ff ff 08 14 18 56 00 50 87 10 53 65 61 72 63 68 
48 75 61 77 65 69 49 6e 73 74 72 75 00 00 00 00 
 ----------------------------------
Table 1 Description of the display attack-source-trace file brief command output
Item Description
No 1 Packet Info

Packet information.
No 2 Packet Info

No 2 Packet Info.
PeVlanid

PE VLAN ID of the port for transmitting information about attack source tracing.
CeVlanid

CE VLAN ID of the port for transmitting information about attack source tracing.
Source Ip

Source IP address.
Source IPv6

Source IPv6 address.
Dest Ip

Destination IP address.
Dest IPv6

Destination IPv6 address.
Attack Trace Data

Data recorded by attack source tracing.
Attack Pack Time

Time for packet attacks.
Protocol Num

Protocol number.
Parent Topic: Local Attack Defense Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >