425
[Router] display blacklist all
Blacklist information
-------------------------------------------------------------------------
Blacklist : enabled
Blacklist items : 2
------------------------------------------------------------------------------
IP Type Aging started Aging finished Dropped packets
YYYY/MM/DD hh:mm:ss YYYY/MM/DD hh:mm:ss
5.5.5.5 manual 2008/04/09 16:02:20 Never 0
192.168.1.4 manual 2008/04/09 16:02:26 2008/04/09 16:52:26 0
After the configuration takes effect, the router should:
• Always drop packets from Host D unless you delete Host D's IP address from the blacklist by
using the undo blacklist ip 5.5.5.5 command.
• Within 50 minutes, drop Host C's packets received.
• After 50 minutes, correctly forward Host C's packets received.
Traffic statistics configuration example
Network requirements
As shown in Figure 143, configure traffic statistics in the outbound direction of GigabitEthernet 1/1,
and configure UDP flood attack protection to protect the internal server against external UDP flood
attacks.
Figure 143 Network diagram
Configuration procedure
# Configure IP addresses for interfaces. (Details not shown.)
# Create attack protection policy 1.
<Router> system-view
[Router] attack-defense policy 1
# Enable UDP flood attack protection.
[Router-attack-defense-policy-1] defense udp-flood enable
# Set the global action threshold for UDP flood attack protection to 100 packets per second.
[Router-attack-defense-policy-1] defense udp-flood rate-threshold high 100
# Configure the policy to drop the subsequent packets once a UDP flood attack is detected.
[Router-attack-defense-policy-1] defense udp-flood action drop-packet
[Router-attack-defense-policy-1] quit
# Apply policy 1 to GigabitEthernet 1/1.
[Router] interface gigabitethernet 1/1
[Router-GigabitEthernet1/1] attack-defense apply policy 1
# Enable the traffic statistics function in the outbound direction of GigabitEthernet 1/1.
[Router-GigabitEthernet1/1] flow-statistic enable outbound
To Next Page
Loading...
