Changing The Rule Match Order; Enabling Rule Matching Acceleration; Displaying And Maintaining Object Policies - HP MSR Series Configuration Manual

Step
4. Apply an object policy
to the zone pair.

Changing the rule match order

The device matches packets against object policy rules in the order the rules were configured. You
can change the rule match order by changing the position of an object policy rule in the rule list.
To change the rule match order:
Step
1. Enter system view.
2. Enter object policy view.
3. Move an object policy rule.

Enabling rule matching acceleration

This feature accelerates rule matching. It enhances connection establishment and packet forwarding
performance, especially for a device using multiple rules to match first packets from multiple users.
To enable rule matching acceleration:
Step
1. Enter system view.
2. Enter object policy
view.
3. Enable rule matching
acceleration.

Displaying and maintaining object policies

Execute the display commands in any view.
Task
Display acceleration information for
object policies (centralized devices in
standalone mode).
Command
•
Apply an IPv4 object policy to the zone pair:
object-policy apply ip object-policy-name
•
Apply an IPv6 object policy to the zone pair:
object-policy apply ipv6
object-policy-name
Command
system-view
•
Enter IPv4 object policy view:
object-policy ip object-policy-name
•
Enter IPv6 object policy view:
object-policy ipv6 object-policy-name
move rule rule-id before insert-rule-id
Command
system-view
•
Enter IPv4 object policy view:
object-policy ip object-policy-name
•
Enter IPv6 object policy view:
object-policy ipv6 object-policy-name
accelerate
Command
display object-policy accelerate { summary { ip | ipv6 } |
verbose { ip object-policy-name | ipv6 object-policy-name } }
477
Remarks
By default, no object
policy is applied to a zone
pair.
Remarks
N/A
N/A
By default, rule matching
acceleration is disabled for
an object policy.