display deception config-flow

Function

The display deception config-flow command displays the deception configuration flow table.

Format

display deception config-flow

Parameters

None

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

The configuration of detected network segments, whitelists, or decoy network segments triggers the generation of the configuration flow table.

If the configuration changes, the DecoySensor checks whether the deceived traffic complies with the configuration flow table and determines whether to continue to deceive the traffic to the decoy.

Example

# Display the deception configuration flow table.

<FW> display deception config-flow
Slot: 0 
--------------------------------------------------------------------------------
CFG Flow ID 1 information: 
--------------------------------------------------------------------------------
Priority :3 
Action :8 
Causeid :1 
Vpn-instance :public 
Source IP :10.10.131.0/255.255.255.0 
--------------------------------------------------------------------------------
CFG Flow ID 2 information: 
--------------------------------------------------------------------------------
Priority :3 
Action :8 
Causeid :1 
Vpn-instance :public 
Destination IP :10.10.131.0/255.255.255.0 
--------------------------------------------------------------------------------
CFG Flow ID 3 information: 
--------------------------------------------------------------------------------
Priority :3 
Action :8 
Causeid :1 
Vpn-instance :public 
Source IP :2.2.2.2/255.255.255.0 
--------------------------------------------------------------------------------
CFG Flow ID 4 information: 
--------------------------------------------------------------------------------
Priority :3 
Action :8 
Causeid :1 
Vpn-instance :public 
Destination IP :2.2.2.2/255.255.255.0 
--------------------------------------------------------------------------------
CFG Flow ID 5 information: 
--------------------------------------------------------------------------------
Priority :3 
Action :8 
Causeid :1 
Vpn-instance :public 
Source IP :10.10.0.0/255.255.255.0 
--------------------------------------------------------------------------------
CFG Flow ID 6 information: 
--------------------------------------------------------------------------------
Priority :3 
Action :8 
Causeid :1 
Vpn-instance :public 
Destination IP :10.10.0.0/255.255.255.0 
--------------------------------------------------------------------------------
CFG Flow ID 7 information: 
--------------------------------------------------------------------------------
Priority :3 
Action :8 
Causeid :1 
Vpn-instance :public 
Source IP :10.0.0.0/255.255.255.0 
--------------------------------------------------------------------------------
CFG Flow ID 8 information: 
--------------------------------------------------------------------------------
Priority :3 
Action :8 
Causeid :1 
Vpn-instance :public 
Destination IP :10.0.0.0/255.255.255.0

**Table 1** Description of the **display deception config-flow** command output
Item	Description
Slot	Slot ID.
CFG Flow ID n information	Information about flow n in the configuration flow table.
Priority	Flow priority, which ranges from 0 to 10. A smaller value indicates a higher priority. If traffic matches multiple flows in the flow table, the flow with the highest priority takes effect.
Action	Action to be taken on packets that match the flow table: 1: Do not perform deception detection. 2: Discard the packets. 4 or 8: Perform deception detection.
Causeid	Flow type: 1: ARP packets 3: SYN packets 4: SYN-ACK packets 5: RST packets 6: Packets that match the ARP decoy network segment 7: Packets that match the TCP decoy network segment 8: Packets that match the ARP whitelist 9: Packets that match the TCP whitelist 10: Packets that match the configuration flow table 11: UDP packets that match the decoy 12: Packets that match decoy network segments
Vpn-instance	VPN instance.
Destination IP	Destination IP address.
Destination Port	Destination port.
Source IP	Source IP address.