Configuring The Firewall Default Filtering Action; Configuring Packet Filtering On An Interface - HP A6600 Configuration Manual

Enabling the IPv6 firewall function
To do...
1. Enter system view.
2. Enable the IPv6 firewall
function.

Configuring the firewall default filtering action

The default filtering action configuration is used for the firewall to determine whether to permit a data
packet to pass or to deny the packet when there is no appropriate criterion for judgment.
IPv4 application
To do...
1. Enter system view.
2. Specify the default filtering
action of the firewall on a
centralized router.
3. Specify the default filtering
action of the firewall on a
distributed router.
IPv6 application
To do...
1. Enter system view.
2. Specify the default filtering
action of the firewall.

Configuring packet filtering on an interface

When an ACL is applied to an interface, the time range-based filtering also works at the same time. In
addition, specify separate access rules for inbound and outbound packets.
The effective range for basic ACL numbers is 2000 to 2999. A basic ACL defines rules based on the
Layer 3 source IP addresses only to analyze and process data packets.
The effective range for advanced ACL numbers is 3000 to 3999. An advanced ACL defines rules
according to the source and destination IP addresses of packets, the type of protocol over IP, TCP/UDP
source and destination ports, and so on.
An advanced ACL supports normal match. Normal match refers to match of Layer 3 information.
Command...
system-view
firewall ipv6 enable
Command...
system-view
firewall default { deny | permit }
firewall default { deny | permit } {
all | slot slot-number }
Command...
system-view
firewall ipv6 default { deny |
permit }
349
Remarks
—
Required
Disabled by default
Remarks
—
Optional.
permit (permit packets to pass the
firewall) by default.
Optional.
permit (permit packets to pass the
firewall) by default.
Remarks
—
Optional.
permit (permit packets to pass the
firewall) by default.