Saturday, July 8, 2017

Shunning Attack

For more granular shunning, you can also identify the destination address dst_ip, the source and destination ports sport and dport, and the protocol. You can only define one shun entry per source and destination address pair. When a shun is defined, all existing and future connections are blocked until the shun is later removed.

2. Display active shuns:

Firewall# show shun [src_ip]

All active shuns are listed. If a specific source address src_ip is given, only shuns involving that address are shown.

As an example, the following output displays the four shuns that are currently active. The source interface is automatically determined and shown in parentheses.

Firewall# show shun
shun (outside)
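For reviewing active shuns offline, here is an added example (not part of the original post and not Cisco tooling): a Python parser for captured show shun output that separates address-only shuns from granular ones. The column layout (interface, src_ip, dst_ip, sport, dport, protocol number, with zeros for unspecified fields), the helper names and the sample lines are assumptions constructed for illustration.

```python
import re
from ipaddress import IPv4Address
from typing import NamedTuple

# Assumed line layout: shun (interface) src_ip dst_ip sport dport protocol
SHUN_RE = re.compile(r"^shun \((?P<ifname>[^)]+)\)\s+(?P<src>\S+)\s+(?P<dst>\S+)"
                     r"\s+(?P<sport>\d+)\s+(?P<dport>\d+)\s+(?P<proto>\d+)$")

# Constructed sample capture (documentation address ranges, one bad line).
SAMPLE = """\
Firewall# show shun
shun (outside) 192.0.2.10 0.0.0.0 0 0 0
shun (outside) 198.51.100.7 203.0.113.25 40000 443 6
shun (outside) 192.0.2.99 0.0.0.0 0 0 0
shun (inside) 203.0.113.80 198.51.100.20 0 53 17
shun (outside) 999.1.1.1 0.0.0.0 0 0 0
"""

class Shun(NamedTuple):
    ifname: str
    src: IPv4Address
    dst: IPv4Address
    sport: int
    dport: int
    proto: int

    @property
    def granular(self) -> bool:
        # Assumption: a shun given only src_ip shows zeros in all other fields.
        return bool(int(self.dst) or self.sport or self.dport or self.proto)

def parse_show_shun(text):
    """Return (shuns, rejected_lines) from captured 'show shun' output."""
    shuns, rejected = [], []
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("Firewall#"):
            continue  # blank line or echoed prompt and command
        m = SHUN_RE.match(line)
        try:
            if m is None:
                raise ValueError("unrecognised line")
            shuns.append(Shun(m["ifname"], IPv4Address(m["src"]), IPv4Address(m["dst"]),
                              *map(int, m.group("sport", "dport", "proto"))))
        except ValueError:  # AddressValueError is a ValueError subclass
            rejected.append(line)
    return shuns, rejected

def broad_sources(shuns):
    """Sources blocked toward every destination; review these for staleness."""
    return sorted(str(s.src) for s in shuns if not s.granular)
```

Lines that do not parse are returned rather than dropped, so a changed output format or a corrupted capture is visible during review.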