display nat flow-defend reverse-blacklist
Function
The display nat flow-defend reverse-blacklist command displays blacklist entries about a new flow from the public network to the private network on a CPU.
This command is supported only on the NetEngine 8000 F1A.
Example
The actual command output varies according to the device. The command output here is only an example.
# Display blacklist entries of a new flow from the public network to the private network.
<HUAWEI> display nat flow-defend reverse-blacklist Slot: 1 Current total reverse-blacklists: 1(Ip+Port). Victim information(IP,port): (10.33.33.2,0) Attacker information(IP,port): (1.1.1.2,0) Protocol: UDP, VPN: - Create: 2017-6-25 10:25:43, Left: 00:10:00 Current Attack-rate: 129kpps, Max Attack-rate: 129kpps Current total reverse-blacklists: 1(Ip). Victim information(IP): (10.33.33.2) Attacker information(IP,port): (1.1.1.2,0) VPN: - Create: 2017-6-25 10:25:43, Left: 00:10:00 Current Attack-rate: 129kpps, Max Attack-rate: 129kpps
| Item | Description |
|---|---|
| Current Attack-rate | Rate at which attack packets are sent. |
| Victim information(IP,port) | Victim information. |
| Victim information(IP) | Victim information. |
| Attacker information(IP,port) | Attacker information. |
| Max Attack-rate | Maximum rate at which attack packets are sent. |
| Protocol | Protocol. |
| Create | Date and time when blacklist entries were created. |
| VPN | Name of a VPN instance. |
| Left | Remaining time before blacklist entries age. |
| Slot | Slot ID. |