- Downloads
- scio subs
scio subs
Syntax
scio subs option argument
Description
Displays IDP subscriber statistics and enables you to manage subscriber settings. The IDP subscriber is a process that associates traffic that passes IDP traffic interfaces with the IDP engine. By default, all virtual circuits belong to the subscriber named s0. We test and support only configurations where the default subscriber s0 is used.
Options
Table 1 describes scio subs options and arguments and provides examples of command syntax.
Table 1: Command Reference: scio subs
Options | Usage and Examples |
|---|---|
list | Lists the virtual circuits and NICs associated with the subscriber s0. [root@defaulthost admin]# scio subs
list Defined Subscribers:
Subscriber V-Circuit NIC
---------- --------- ----
s0 eth3 eth3
eth2 eth2
|
attach subscriber vc-name | Associates a virtual circuit with the subscriber instance. [root@defaulthost admin]# scio subs attach s0 eth2 [root@defaulthost admin]# |
overflow [get subscriber | set subscriber overflow_module threshold | change subscriber overflow_module threshold] | Gets or sets overflow parameters. [root@defaulthost admin]# scio subs
overflow get s0 subs overflow: subscriber=s0 mode=0 threshold=0 |
qmodules subscriber | Lists qmodules associated with a subscriber. A qmodule is a module of code related to an IDP function or feature. [root@defaulthost admin]# scio subs
qmodules s0 Qmodules for subs 's0' flow - Performs flow lookups, flow/session creation and policy lookups ipblocker - IDS module pre-ids filter - Weeds out unwanted sessions before entering the IDS modules tsig - Performs Traffic Signature detection seqack - Translates TCP SEQ/ACK numbers syndef - Provides defense against SYN attack portfaker - Fakes active ports on the network to catch hackers reass - Tracks a TCP connection and reorders packets ptype - Detects protocol type using content and statistical analysis ids - Detects intrusion attempts based on a library of attack signatures backdoor - Detects backdoor activity using statistical analysis iprouter - Routes packets to the appropriate virtual circuit |
qmodstats subscriber | Displays statistics and counters aggregated by qmodule. [root@defaulthost admin]# scio subs
qmodstats s0 Qmodules Statistics for subs 's0' (time in micro seconds)
Q-Module Min.Time Max.Time Ave.Time #Pkt. #Pkt.Drop #Pkt.Error
flow 0 0 0 0 0 0
ipblocker 0 0 0 0 0 0
pre-ids filter 0 0 0 0 0 0
tsig 0 0 0 0 0 0
seqack 0 0 0 0 0 0
syndef 0 0 0 0 0 0
portfaker 0 0 0 0 0 0
reass 0 0 0 0 0 0
ptype 0 0 0 0 0 0
ids 0 0 0 0 0 0
backdoor 0 0 0 0 0 0
iprouter 0 0 0 0 0 0
Qmodules Performance Monitor Counters for subs 's0' (average count per packet)
Q-Module Cycles Insts CPI Misses Hits #Pkt.
flow 0 0 0.00 0 0 0
ipblocker 0 0 0.00 0 0 0
pre-ids filter 0 0 0.00 0 0 0
tsig 0 0 0.00 0 0 0
seqack 0 0 0.00 0 0 0
syndef 0 0 0.00 0 0 0
portfaker 0 0 0.00 0 0 0
reass 0 0 0.00 0 0 0
ptype 0 0 0.00 0 0 0
ids 0 0 0.00 0 0 0
backdoor 0 0 0.00 0 0 0
iprouter 0 0 0.00 0 0 0
|
release subscriber vc-name | Releases the association that was created with scio subs attach. [root@defaulthost admin]# scio subs
release s0 eth2 [root@defaulthost admin]# |
reset subscriber | Resets statistics. [root@defaulthost admin]# scio subs
reset s0 [root@defaulthost admin]# |
rulestats subscriber | Displays a counter security policy rules used in traffic processing. Each session match increments the counter for the rule. [root@defaulthost admin]# scio subs
rulestats s0ids 1 0 2 0 3 0 4 0 5 0 6 0 |
service detail subscriber | Displays the active and total session count, by service. [root@defaulthost admin]# scio subs
service detail s0 Service Session Count Table:
| Service | Active | Total |
|-----------+----------+----------|
FTP 86 86
RLOGIN 21 21
PORTMAPPER 100 100
HTTP 730 730
SMTP 38 38
POP3 76 76
IMAP 10 10
TELNET 52 52
ICMP 116 116
DNS 50 52
SSH 1 1
SNMP 11 11
DHCP 17 17
TFTP 21 21
|
status subscriber | Provides a summary of IDP status and performance statistics aggregated by subscriber. [root@defaulthost admin]# scio subs
status s0Status for subs 's0'
up since - Wed Jan 6 15:55:53 2009
Packets/second: 0 peak: 0 @ Wed Aug 6 15:55:53 2008
KBits/second: 0 peak: 0 @ Wed Aug 6 15:55:53 2008
Packets received: icmp 0, tcp 0, udp 0, other 0
Current flows: icmp 0, tcp 0, udp 0, other 0
Current sessions: icmp 0, tcp 0, udp 0, other 0
Latency Statistics (time in micro seconds):
Min: 0 Max: 0 Ave: 0
Performance statistics
Average packet lifetime:
Cycles: 0 Instructions: 0 CPI: 0.00 Cache misses: 0 hits: 0
Current policy: Recommended v0 |
