Adding Entries To The Whitelist Manually; Configuring Blacklist And Whitelist By Using The Configuration File - Huawei quidway s7700 Configuration Manual

Quidway S7700 Smart Routing Switch
Configuration Guide - SPU
Pre-configuration Tasks
Before configuring the whitelist, complete the following tasks:
l
l
Data Preparation
To configure the whitelist, you need the following data.
No.
1
2

2.6.2 Adding Entries to the Whitelist Manually

The entries in the whitelist take effect directly and you do not need to enable the whitelist
function.
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
firewall whitelist ip-address [ vpn-instance vpn-instance-name ] [ expire-time
minutes ]
An entry is added to the whitelist.
By running this command, you can add an entry to the whitelist manually. You can specify the
IP address, aging time, and VPN instance when adding the entry.The aging time refers to the
period in which the IP address is effective after it is added to the whitelist. When the IP address
expires, it is released from the whitelist. If the aging time is not specified, the IP address is always
valid in the whitelist.
You can create up to 1024 entries in the whitelist.
----End
Follow-up Procedure
Run the firewall black-white-list save command to save the blacklist and whitelist to the
specified configuration file to load next time.
2.6.3 Configuring Blacklist and Whitelist by Using the
Configuration File
You can batch configure the entries in blacklist and whitelist by loading the configuration file.
Issue 01 (2011-07-15)
Configuring zones and adding interfaces to the zones
Configuring the interzone and enabling the firewall function in the interzone
Data
IP address that you want add to the whitelist (the VPN instance can be included)
(Optional) Aging time of whitelist entries
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
2 Firewall Configuration
43