To Next Page

To Previous Page

990

fin-flood: Specifies FIN flood attack.

flood: Specifies all IPv4 flood attacks.

http-flood: Specifies HTTP flood attack.

icmp-flood: Specifies ICMP flood attack.

rst-flood: Specifies RST flood attack.

syn-ack-flood: Specifies SYN-ACK flood attack.

syn-flood: Specifies SYN flood attack.

udp-flood: Specifies UDP flood attack.

ip-address: Specifies a protected IPv4 address. If you do not specify an IPv4 address, this command

displays flood attack detection and prevention statistics for all protected IPv4 addresses.

vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance to which the protected IPv4

address belongs. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters.

Do not specify this option if the protected IPv4 address is on the public network.

interface interface-type interface-number: Specifies an interface by its type and number.

local: Specifies the device.

slot slot-number: Specifies a card by its slot number. This option is available only when you specify

the device or a global interface, such as a VLAN interface or tunnel interface. If you do not specify a

card, this command displays IPv4 flood attack detection and prevention statistics for all cards.

(Distributed devices in standalone mode.)

slot slot-number: Specifies an IRF member device by its member ID. This option is available only

when you specify the device or a global interface, such as a VLAN interface or tunnel interface. If you

do not specify a member device, this command displays IPv4 flood attack detection and prevention

statistics for all member devices. (Centralized devices in IRF mode.)

chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The

chassis-number argument represents the member ID of the IRF member device. The slot-number

argument represents the slot number of the card. This option is available only when you specify the

device or a global interface, such as a VLAN interface or tunnel interface. If you do not specify a card,

this command displays IPv4 flood attack detection and prevention statistics for all cards. (Distributed

devices in IRF mode.)

count: Displays the number of matching protected IPv4 addresses.

Usage guidelines

The device collects statistics about protected IP addresses for flood attack detection and prevention.

The attackers' IP addresses are not recorded.

If the interface and local parameters are not specified, this command display IPv4 flood attack

detection and prevention statistics on all interfaces and the device.

Examples

# (Centralized devices in standalone mode.) Display all IPv4 flood attack detection and prevention

statistics.

<Sysname> display attack-defense flood statistics ip

IP address VPN Detected on Detect type State PPS Dropped

192.168.100.221 a0123456789 GE1/0/2 SYN-ACK-FLOOD Normal 1000 4294967295

201.55.7.45 asd GE1/0/2 SYN-ACK-FLOOD Normal 1000 111111111

192.168.11.5 -- GE1/0/3 ACK-FLOOD Normal 1000 222222222

201.55.7.44 -- GE1/0/4 DNS-FLOOD Normal 1000 111111111

192.168.11.4 -- GE1/0/5 ACK-FLOOD Normal 1000 22222222

Other manuals for H3C MSR Series

Manual33 pages

Probe Command Reference28 pages

Configuration Guide80 pages

Troubleshooting Guide28 pages

User Guide26 pages

Questions and Answers:

Need help?

Do you have a question about the H3C MSR Series and is the answer not in the manual?

H3C MSR Series Specifications

General

Category	Network Router
IPv6 Support	Yes
Dimensions	Varies by model
Weight	Varies by model
Product Type	Modular Router
Ports	Varies by model
WAN Interfaces	Varies by model
Firewall	Yes
QoS	Yes
Wireless Support	Varies by model
USB Ports	Varies by model
Console Port	Yes
Power Supply	Varies by model
Redundancy	Varies by model
Operating Temperature	0°C to 45°C
Storage Temperature	-40°C to 70°C
Humidity	5% to 95% non-condensing
Series	MSR
Certifications	CE, FCC, RoHS