0
点赞
收藏
分享

微信扫一扫

华为设备配置攻击溯源命令

Jonescy 2022-08-20 阅读 126

[Huawei]cpu-defend policy p2  //进入防攻击策略视图

[Huawei-cpu-defend-policy-p2]auto-defend enable  //使能攻击溯源功能

[Huawei-cpu-defend-policy-p2]auto-defend threshold 60  //配置攻击溯源检查阈值,缺省为60pps

[Huawei-cpu-defend-policy-p2]auto-defend attack-packet sample 5  //配置攻击溯源的采样比,缺省为5

[Huawei-cpu-defend-policy-p2]auto-defend trace-type source-ip  //配置攻击溯源的溯源模式,缺省为基于源IP地址和基于源MAC地址

[Huawei-cpu-defend-policy-p2]auto-defend trace-type source-mac  

[Huawei-cpu-defend-policy-p2]auto-defend trace-type source-portvlan

[Huawei-cpu-defend-policy-p2]auto-defend protocol all  //配置攻击溯源防范的报文类型,缺省为8021X、ARP、DHCP、ICMP、IGMP、TCP、Telnet

[Huawei-cpu-defend-policy-p2]auto-defend whitelist 1 acl 2000  //配置攻击溯源的白名单

[Huawei-cpu-defend-policy-p2]auto-defend whitelist 1 interface GigabitEthernet 0/0/1

[Huawei-cpu-defend-policy-p2]auto-defend alarm enable   //使能攻击溯源事件上报功能

[Huawei-cpu-defend-policy-p2]auto-defend threshold 60  //配置攻击溯源事件上报阈值,缺省为60pps

[Huawei-cpu-defend-policy-p2]auto-defend action deny   //使能攻击溯源的惩罚功能,并指定惩罚措施

[Huawei-cpu-defend-policy-p2]auto-defend action error-down

[Huawei]cpu-defend-policy p2 global  //应用防攻击策略

[Huawei]display auto-defend attack-source  //查看攻击源信息

[Huawei]display auto-defend configuration  //查看防攻击策略的攻击溯源配置信息

举报

相关推荐

0 条评论