display firewall emergency auto-defend

Function

The display firewall emergency auto-defend command displays information about automatic defense.

Format

display firewall emergency auto-defend

Parameters

None

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Application Scenarios

This command displays the result of automatically identified and manually configured public and private network ports, the time at which the automatic defense function takes effect or the time left for it to remain available, and the rate of dynamic traffic limiting.

Example

# Display information about the automatic defense function.

<sysname> display firewall emergency auto-defend
 =====================================================================           
                  Emergency Auto-defend Information                             
=====================================================================           
 IPCar state:      ON                                                           
 AntiDDoS state:   ON                                                           
 Total timeout:    300(s)                                                       
 Remaining time:   240(s)                                                       
 Time to warning:  180(s)                                                       
 IPcar threshold:  5000                                                         
 AntiDDoS CAR:     0                                                            
---------------------------------------------------------------------           
                  IPCar Information                                             
---------------------------------------------------------------------           
 Interface                     Defend-type           Add-mode                   
 GigabitEthernet0/0/0          SRC                   AUTO                       
 GigabitEthernet0/0/3          SRC                   AUTO                       
 GigabitEthernet0/0/4          SRC                   AUTO                       
 GigabitEthernet0/0/5          SRC                   AUTO                       
---------------------------------------------------------------------           
 Emergency auto-defend exceed session rate limit discarded: 0                   
=====================================================================

**Table 1** Description of the **display firewall emergency auto-defend** command output
Item	Description
IPCar state	Enabling status of new connection for the automatic defense function
AntiDDoS state	Enabling status of dynamic traffic limiting for the automatic defense function
Total timeout	Lifetime of the automatic defense function
Remaining time	Remaining time of the automatic defense function
Time to warning	Remaining time to send alarm
IPcar threshold	Threshold for the rate of new connections per IP address
AntiDDoS CAR	Rate of dynamic traffic limiting
Interface	Interface name
Defend-type	Type of the IP connection rate limit SRC: The interface limits the connection rate based on source IP addresses. DST: The interface limits the connection rate based on destination IP addresses.
Add-mode	Interface adding mode: AUTO: The interface is automatically identified. MANUAL: The interface is manually added.
Emergency auto-defend exceed session rate limit discarded	Number of discarded connection establishment requests when the number of new connection establishment requests destined to an IP address per second exceeds the threshold. This counter indicates whether the automatic defense function takes effect.