Maintaining Local Attack Defense

Before collecting attack defense statistics, delete the existing statistics.

Context

Attack defense statistics cannot be restored after being cleared. Therefore, exercise caution when running the following reset anti-attack statistics commands.

Procedure

  1. To clear attack defense statistics, run the reset cpu-defend { all | application-apperceive | tcpip-defend | tcpip-defend-v6 | total-packet | urpf } statistics [ slot slot-id ] command in the user view.

    In VS mode, this command is supported only by the admin VS.

  2. To clear information about attack source tracing stored in the memory of the interface board, run the reset attack-source-trace slot { slot-id | all }command in the user view.

    In VS mode, this command is supported only by the admin VS.

  3. To clear statistics about packets of a specified protocol group or all protocol groups, run the reset cpu-defend protocol-group { whitelist | user-defined-flow | management | route-protocol | multicast | arp | mpls | access-user | link-layer | network-layer | system-message | blacklist | check-failed | fwddata-to-cp | all } statistics slot slot-id command in the user view.
  4. To clear statistics about ND invalid packet attack defense, run the reset nd packet filter statistics [ slot slot-id ] command in the user view.

    In VS mode, this command is supported only by the admin VS.

  5. To clear ND attack statistics, run the reset ipv6 nd { na | ns-multicast | ns-unicast } attack interface { interface-type interface-num | interface-name } or reset ipv6 nd { na | ns-multicast | ns-unicast } attack slot { slotid | all } command in the user view.
Parent Topic: Local Attack Defense Configuration
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >