H3C MSR Series Command Reference Manual page 1013

fin-flood: Specifies FIN flood attack.
flood: Specifies all IPv4 flood attacks.
http-flood: Specifies HTTP flood attack.
icmp-flood: Specifies ICMP flood attack.
rst-flood: Specifies RST flood attack.
syn-ack-flood: Specifies SYN-ACK flood attack.
syn-flood: Specifies SYN flood attack.
udp-flood: Specifies UDP flood attack.
ip-address: Specifies a protected IPv4 address. If you do not specify an IPv4 address, this command
displays flood attack detection and prevention statistics for all protected IPv4 addresses.
vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance to which the protected IPv4
address belongs. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters.
Do not specify this option if the protected IPv4 address is on the public network.
interface interface-type interface-number: Specifies an interface by its type and number.
local: Specifies the device.
slot slot-number: Specifies a card by its slot number. This option is available only when you specify
the device or a global interface, such as a VLAN interface or tunnel interface. If you do not specify a
card, this command displays IPv4 flood attack detection and prevention statistics for all cards.
(Distributed devices in standalone mode.)
slot slot-number: Specifies an IRF member device by its member ID. This option is available only
when you specify the device or a global interface, such as a VLAN interface or tunnel interface. If you
do not specify a member device, this command displays IPv4 flood attack detection and prevention
statistics for all member devices. (Centralized devices in IRF mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The
chassis-number argument represents the member ID of the IRF member device. The slot-number
argument represents the slot number of the card. This option is available only when you specify the
device or a global interface, such as a VLAN interface or tunnel interface. If you do not specify a card,
this command displays IPv4 flood attack detection and prevention statistics for all cards. (Distributed
devices in IRF mode.)
count: Displays the number of matching protected IPv4 addresses.
Usage guidelines
The device collects statistics about protected IP addresses for flood attack detection and prevention.
The attackers' IP addresses are not recorded.
If the interface and local parameters are not specified, this command display IPv4 flood attack
detection and prevention statistics on all interfaces and the device.
Examples
# (Centralized devices in standalone mode.) Display all IPv4 flood attack detection and prevention
statistics.
<Sysname> display attack-defense flood statistics ip
IP address
192.168.100.221 a0123456789 GE1/0/2
201.55.7.45
192.168.11.5
201.55.7.44
192.168.11.4
VPN Detected on
asd GE1/0/2
-- GE1/0/3
-- GE1/0/4
-- GE1/0/5
Detect type State
SYN-ACK-FLOOD Normal
SYN-ACK-FLOOD Normal
ACK-FLOOD Normal
DNS-FLOOD Normal
ACK-FLOOD Normal
990
PPS Dropped
1000 4294967295
1000 111111111
1000 222222222
1000 111111111
1000 22222222