display nat flow-defend reverse-blacklist

Format

display nat flow-defend reverse-blacklist [ slot slot-id ]

Parameters

Parameter	Description	Value
slot slot-id	Specifies the slot ID of a service board.	-

Parameter

Description

Value

slot slot-id

Specifies the slot ID of a service board.

-

Views

All views

Default Level

1: Monitoring level

Task Name and Operations

Task Name	Operations
nat	read

Usage Guidelines

When a new flow from the public network to the private network is attacked, run the display nat flow-defend reverse-blacklist command to view the IP addresses, port numbers, and protocol types of the attacker and victim.

Example

The actual command output varies according to the device. The command output here is only an example.

# Display blacklist entries of a new flow from the public network to the private network.

<HUAWEI> display nat flow-defend reverse-blacklist
Slot: 1
Current total reverse-blacklists: 1(Ip+Port).
 Victim information(IP,port): (10.33.33.2,0)
 Attacker information(IP,port): (1.1.1.2,0)
 Protocol: UDP, VPN: -
 Create: 2017-6-25 10:25:43, Left: 00:10:00 
 Current Attack-rate: 129kpps, Max Attack-rate: 129kpps

Current total reverse-blacklists: 1(Ip).
 Victim information(IP): (10.33.33.2)
 Attacker information(IP,port): (1.1.1.2,0) VPN: -
 Create: 2017-6-25 10:25:43, Left: 00:10:00 
 Current Attack-rate: 129kpps, Max Attack-rate: 129kpps

**Table 1** Description of the **display nat flow-defend reverse-blacklist** command output
Item	Description
Current Attack-rate	Rate at which attack packets are sent.
Victim information(IP,port)	Victim information.
Victim information(IP)	Victim information.
Attacker information(IP,port)	Attacker information.
Max Attack-rate	Maximum rate at which attack packets are sent.
Protocol	Protocol.
Create	Date and time when blacklist entries were created.
VPN	Name of a VPN instance.
Left	Remaining time before blacklist entries age.
Slot	Slot ID.