Firewall Configuration Example - 3Com 3032 Configuration Manual

3com 3032: user guide

558  Chapter 39: Configuring Firewall

Table 627 Configure Rules for Applying Access Control List on Interface

Operation                                                        Command
Specify rule for filtering receive/send messages on interface    firewall packet-filter acl-number [ inbound | outbound ]]
Cancel rule for filtering receive/send messages on interface     undo firewall packet-filter acl-number [ inbound | outbound ]]

By default, no rule for filtering messages on an interface is specified.

In one direction of an interface (inbound or outbound), up to 20 access rules can be applied. That is to say, 20 rules can be applied in firewall packet-filter inbound, and 20 rules can be applied in firewall packet-filter outbound.

If two rules with different sequence numbers conflict, the rule with the greater acl-number is matched preferentially.

Specifying Logging Host

The firewall supports a logging function. When an access rule is matched, and the user has specified that logging be generated for this rule, logs can be sent to the logging host, which records and saves them.

Perform the following configurations in system view.

Table 628 Specify Logging Host

Operation               Command
Specify logging host    ip host unix-hostname ip-address
Cancel logging host     undo ip host

For a detailed description of logging host parameters, see "Logging Function" in "System Management".

Displaying and Debugging Firewall

Use the display, debugging and reset commands in all views.

Table 629 Display and Debug Firewall

Operation                                                          Command
Display firewall status                                            display firewall
Display packet filtering rule and its application on interface     display acl [ all | acl-number | interface type number ]
Display current timerange                                          display timerange
Display whether the current time is within special timerange       display isintr
Clear access rule counters                                         reset acl counters [ acl-number ]
Enable the information debugging of firewall packet filtering      debugging filter { all | icmp | tcp | udp}

Firewall Configuration Example

The following is a sample firewall configuration in an enterprise.

This enterprise accesses the Internet through interface Serial 0 of one 3Com router, and the enterprise provides www, FTP and Telnet services to the outside. The internal sub-network of the enterprise is 129.38.1.0, the internal ftp server address 129.38.1.1, internal Telnet server address 129.38.1.2, and the internal
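The per-direction limit and acl-number precedence stated for firewall packet-filter can be checked offline against a saved configuration. The following is an added example, not code from the 3Com manual: the `interface` stanza layout, the sample configuration and the function names are assumptions, and it counts only bindings that state their direction.

```python
import re
from collections import defaultdict

MAX_PER_DIRECTION = 20  # limit stated in the manual, per interface and direction
# Constructed sample configuration. The "interface" stanza layout is an
# assumption; only the "firewall packet-filter" syntax comes from the manual.
SAMPLE_CONFIG = """\
interface Serial0
 firewall packet-filter 101 inbound
 firewall packet-filter 105 inbound
 firewall packet-filter 102 outbound
interface Ethernet0
 firewall packet-filter 110 inbound
"""

BINDING = re.compile(r"^\s*firewall packet-filter (\d+) (inbound|outbound)\s*$")
INTERFACE = re.compile(r"^interface\s+(\S+)\s*$")

def parse_bindings(config):
    """Return {(interface, direction): [acl-number, ...]} in file order."""
    bindings = defaultdict(list)
    current = None
    for line in config.splitlines():
        m = INTERFACE.match(line)
        if m:
            current = m.group(1)
            continue
        m = BINDING.match(line)
        if m and current is not None:
            bindings[(current, m.group(2))].append(int(m.group(1)))
    return dict(bindings)

def audit(config):
    """Return (match_order, findings) for every interface direction."""
    match_order, findings = {}, []
    for key, acls in parse_bindings(config).items():
        # Per the manual, on conflict the greater acl-number is matched first.
        match_order[key] = sorted(set(acls), reverse=True)
        if len(acls) > MAX_PER_DIRECTION:
            findings.append(f"{key[0]} {key[1]}: {len(acls)} ACLs exceeds {MAX_PER_DIRECTION}")
        if len(acls) != len(set(acls)):
            findings.append(f"{key[0]} {key[1]}: duplicate acl-number applied")
    return match_order, findings

if __name__ == "__main__":
    order, problems = audit(SAMPLE_CONFIG)
    for (iface, direction), acls in order.items():
        print(iface, direction, "precedence:", acls)
    print(problems or "no findings")
```

Reviewing the precedence list per direction shows which ACL wins when two applied lists disagree, which is where an unintended permit is most likely to hide.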

This manual is also suitable for: 3034, 3033, 3035, 3040, 3041, 3036 ...