目的
判断网络攻击来源
设置管理员ip为白名单
acl 3666
rule 1 permit ip source 10.200.15.1 0.0.0.0
根据IP判断
cpu-defend policy 1
auto-defend enable
auto-defend attack-packet sample 5
auto-defend trace-type source-mac source-ip source-portvlan
auto-defend protocol arp icmp dhcp telnet
auto-defend threshold 60
auto-defend alarm enable
auto-defend alarm threshold 60
auto-defend whitelist 1 acl 3666
根据端口判断
cpu-defend policy 1
auto-port-defend enable
auto-port-defend attack-packet sample 5
auto-port-defend protocol arp-request arp-reply dhcp icmp
auto-port-defend protocol arp-request threshold 30
auto-port-defend protocol arp-reply threshold 30
auto-port-defend protocol dhcp threshold 30
auto-port-defend protocol icmp threshold 30
auto-port-defend alarm enable
auto-port-defend whitelist 1 acl 3666
应用策略
cpu-defend-policy 1 global
查看攻击来源ip
display auto-defend attack-source
查看攻击来源端口
display auto-port-defend attack-source