Huawei quidway s7700 Configuration Manual page 55

Quidway S7700 Smart Routing Switch
Configuration Guide - SPU
Prerequisite
The configuration file for storing the blacklist and whitelist is available.
Context
The configuration file must be in txt format, and the contents are as follows:
[FirewallBlacklist] # A blacklist entry
IPAddress =
notation
VPNName =
[FirewallWhitelist]
IPAddress =
notation
VPNName =
notation
A configuration file can contain multiple entries, but the entries must be edited one by one. Blank
lines are allowed between lines.
[FirewallBlacklist]
IPAddress = 210.10.10.1
VPNName = vpna
[FirewallBlacklist]
IPAddress = 220.10.10.2
VPNName =
[FirewallWhitelist]
IPAddress = 10.10.10.1
VPNName = vpnb
[FirewallWhitelist]
IPAddress =20.20.20.1
VPNName =
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
firewall black-white-list load configuration-file configuration-file-name
The blacklist and whitelist configuration file is loaded.
The configured blacklist takes effect only after you run the firewall blacklist enable command
to enable the blacklist.
The entries in the whitelist take effect directly and you do not need to enable the whitelist
function.
A blacklist supports up to 4096 entries, and a whitelist supports up to 1024 entries.
----End
Follow-up Procedure
Run the firewall black-white-list save command to save the blacklist and whitelist to the
specified configuration file to load next time.
Issue 01 (2011-07-15)
NOTE
A configuration file can contain up to 50000 lines.
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
# An IP address in the blacklist, in dotted decimal
# (Optional) VPN instance of the blacklist
# A whitelist entry
# An IP address in the whitelist, in dotted decimal
# VPN instance of the whitelist, in dotted decimal
2 Firewall Configuration
44