Configuring ACL-Based Packet Filtering in an Interzone; Checking the Configuration - Huawei Quidway S7700 Configuration Manual

Quidway S7700 Smart Routing Switch
Configuration Guide - SPU

2.4.2 Configuring ACL-based Packet Filtering in an Interzone

You can specify the direction to which the ACL is applied and the default processing mode of
the packets that do not match the ACL rules.
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
firewall interzone zone-name1 zone-name2
The interzone view is displayed.
Step 3 Run:
packet-filter acl-number { inbound | outbound }
ACL-based packet filtering is configured.
You can configure ACL-based packet filtering in the interzone for either inbound or outbound
packets.
Step 4 (Optional) Run:
packet-filter default { deny | permit } { inbound | outbound }
The default processing mode for unmatched packets is configured.
In the initial system settings, unmatched outbound packets are allowed and unmatched inbound
packets are denied.
If an ACL is applied to the inbound or outbound packets of an interzone, the packets
are filtered according to the ACL rules. Packets that do not match the ACL are handled
according to the default processing mode.
----End
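The following audit script is an added example, not part of the Huawei manual. It reads configuration text, applies the initial defaults stated in Step 4, and lists each interzone direction in which unmatched packets are still permitted. The zone names, ACL numbers and the indented layout of the sample configuration are constructed assumptions.

```python
import re

# Initial settings stated in the manual: unmatched outbound packets are
# allowed, unmatched inbound packets are denied.
INITIAL_DEFAULT = {"inbound": "deny", "outbound": "permit"}

INTERZONE = re.compile(r"^firewall interzone (\S+) (\S+)$")
DEFAULT = re.compile(r"^packet-filter default (deny|permit) (inbound|outbound)$")
ACL = re.compile(r"^packet-filter (\d+) (inbound|outbound)$")

def audit_interzones(config_text):
    """Return {(zone1, zone2): {direction: {"acl": str|None, "default": str}}}."""
    result, current = {}, None
    for raw in config_text.splitlines():
        line = raw.strip()
        m = INTERZONE.match(line)
        if m:
            init = {d: {"acl": None, "default": a} for d, a in INITIAL_DEFAULT.items()}
            current = result.setdefault(m.groups(), init)
            continue
        if current is None:
            continue
        if (m := DEFAULT.match(line)):
            current[m.group(2)]["default"] = m.group(1)
        elif (m := ACL.match(line)):
            current[m.group(2)]["acl"] = m.group(1)
        elif not raw.startswith((" ", "\t")):
            current = None  # assumption: an unindented line ends the interzone view
    return result

def permissive_directions(audit):
    """List (zone1, zone2, direction) where unmatched packets are permitted."""
    return sorted(
        (z1, z2, d)
        for (z1, z2), dirs in audit.items()
        for d, s in dirs.items()
        if s["default"] == "permit"
    )

# Constructed sample; zone names and ACL numbers are placeholders.
SAMPLE = """\
firewall interzone zoneA zoneB
 packet-filter 3000 inbound
firewall interzone zoneC zoneD
 packet-filter 3001 outbound
 packet-filter default deny outbound
"""

if __name__ == "__main__":
    print(permissive_directions(audit_interzones(SAMPLE)))
```

In the sample, only the first interzone is reported: it has no `packet-filter default` line for the outbound direction, so the initial permit setting still applies there.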

2.4.3 Checking the Configuration

After the ACL-based packet filtering firewall is configured, you can view information about
ACL-based packet filtering.
Issue 01 (2011-07-15)
No.  Data
1    Zone names
2    ACL number
3    Packet direction to which the ACL is applied
NOTE
When a Layer 2 ACL is applied to the interzone, non-Ethernet packets that do not match the ACL are
discarded.
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
2 Firewall Configuration