Displaying dns attack protection information, Displaying dns dpi policy counters – Brocade Virtual ADX Security Guide (Supporting ADX v03.1.00) User Manual


Brocade Virtual ADX Security Guide

53-1003250-01

DNS-DPI Attack Protection

1

Displaying DNS attack protection information

The following information can be displayed regarding DNS attack protection:

- DNS DPI policy counters
- IP addresses held down by a rate limit action

Displaying DNS DPI policy counters

DNS DPI policy counters can be displayed for a specified DNS policy as shown.

Virtual ADX#show csw-dns-policy p1
Rule Name    Action        Hit Count    Rate Limit Held Down
d2           redirect      0            0
d4           drop          0            0
d3           rate-limit    0            0
default      drop          0            0

You can display the DNS DPI policy counters for all DNS policies as shown.

Virtual ADX#show csw-dns-policy
Total Policies:3
Total Rules:6
Total Rule Actions:6
Policy Name :p1 Bind Count:2
Rule Name    Action        Hit Count    Rate Limit Held Down
d5           redirect      0            0
d1           redirect      0            0
d2           redirect      0            0
d3           rate-limit    0            0
default      drop          0            0
Policy Name :p2 Bind Count:0
Rule Name    Action        Hit Count    Rate Limit Held Down
Policy Name :p3 Bind Count:0
Rule Name    Action        Hit Count    Rate Limit Held Down
d3           drop          0            0

Syntax: show csw-dns-policy policy-name

The policy-name variable specifies the DNS policy whose DNS DPI policy counters you want to display.

CSW DNS DPI policy counters can be cleared for a specified DNS policy as shown.

Virtual ADX#clear csw-policy p1

Syntax: clear csw-policy policy-name
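An added example, not part of the Brocade guide: a Python parser for captured "show csw-dns-policy" output that turns the counters into structured data and lists unbound policies and rules with a non-zero Rate Limit Held Down counter. It assumes whitespace-separated columns and rule names without spaces; the sample capture, its non-zero values, and the names parse_policies and review are constructed for this example.

```python
import re

# Constructed capture: layout follows the page's "show csw-dns-policy" output
# (whitespace-separated columns assumed); the non-zero counters are made up.
SAMPLE = """\
Total Policies:3
Total Rules:6
Policy Name :p1 Bind Count:2
Rule Name  Action      Hit Count  Rate Limit Held Down
d5         redirect    12         0
d3         rate-limit  840        3
default    drop        97         0
Policy Name :p2 Bind Count:0
Rule Name  Action      Hit Count  Rate Limit Held Down
Policy Name :p3 Bind Count:0
Rule Name  Action      Hit Count  Rate Limit Held Down
d3         drop        0          0
"""

POLICY_RE = re.compile(r"^Policy Name\s*:\s*(\S+)\s+Bind Count\s*:\s*(\d+)$")
RULE_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\d+)\s+(\d+)$")  # name action hits held

def parse_policies(text, single_policy=None):
    """Return {policy: {"bind_count": int or None, "rules": [dict, ...]}}."""
    policies, current = {}, None
    # "show csw-dns-policy <name>" output has no "Policy Name" line, so the
    # caller supplies the name; the bind count is unknown in that case.
    if single_policy:
        current = policies[single_policy] = {"bind_count": None, "rules": []}
    for line in map(str.strip, text.splitlines()):
        if m := POLICY_RE.match(line):
            current = policies[m[1]] = {"bind_count": int(m[2]), "rules": []}
        elif (m := RULE_RE.match(line)) and current is not None:
            current["rules"].append({"rule": m[1], "action": m[2],
                                     "hits": int(m[3]), "held_down": int(m[4])})
    return policies

def review(policies):
    """List (policy, rule, note) items worth an operator's attention."""
    notes = []
    for name, pol in policies.items():
        if pol["bind_count"] == 0:  # assumption: 0 means applied nowhere
            notes.append((name, None, "policy has Bind Count 0"))
        for r in pol["rules"]:
            if r["held_down"] > 0:
                notes.append((name, r["rule"],
                              f"Rate Limit Held Down = {r['held_down']}"))
    return notes
```

Counters accumulate until they are cleared, so compare successive captures rather than reading a single snapshot as a rate.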

Displaying IP addresses held down by a rate limit action

IP addresses held down by a rate limit action can be displayed for an application process (BP) from
the rconsole as shown.

Virtual ADX#rconsole 1 1
Virtual ADX1/1#show security holddown
source destination vers attempt start last HD time
10.30.30.4 10.0.0.3 3 45646 5646 N 1
