Setting The Packet Filtering Default Action; Displaying And Maintaining Acls; Acl Configuration Example; Network Requirements - HPE FlexNetwork 5510 HI Series Acl And Qos Configuration Manual
Hide thumbs
Also See for FlexNetwork 5510 HI Series:
- Configuration manual (572 pages) ,
- Security configuration manual (551 pages) ,
- Mpls configuration manual (505 pages)
Table of Contents
Advertisement
Setting the packet filtering default action
Step
1.
Enter system view.
2.
Set
the
default action to deny.
Displaying and maintaining ACLs
Execute display commands in any view and reset commands in user view.
Task
Display ACL configuration and match statistics.
Display whether an ACL has been successfully
applied to an interface for packet filtering.
Display match statistics for packet filtering ACLs.
Display the accumulated statistics for packet filtering
ACLs.
Display detailed ACL packet filtering information.
Display QoS and ACL resource usage.
Clear ACL statistics.
Clear match statistics (including the accumulated
statistics) for packet filtering ACLs.
ACL configuration example
Network requirements
A company interconnects its departments through Device A. Configure an ACL to:
•
Permit access from the President's office at any time to the financial database server.
•
Permit access from the Financial department to the database server only during working hours
(from 8:00 to 18:00) on working days.
•
Deny access from any other department to the database server.
Command
system-view
packet
filtering
packet-filter default deny
Command
display acl [ ipv6 ] { acl-number | all | name
acl-name }
display packet-filter { interface [ interface-type
interface-number ] [ inbound | outbound ] |
interface
vlan-interface
[ inbound | outbound ] [ slot slot-number ] }
display
packet-filter
interface-type interface-number
outbound } [ [ ipv6 ] { acl-number | name
acl-name } ] [ brief ]
display packet-filter statistics sum { inbound |
outbound } [ ipv6 ] { acl-number | name acl-name }
[ brief ]
display
packet-filter
interface-type interface-number
outbound } [ [ ipv6 ] { acl-number | name
acl-name } ] [ slot slot-number ]
display qos-acl resource [ slot slot-number ]
reset acl [ ipv6 ] counter { acl-number | all | name
acl-name }
reset
packet-filter
[ interface-type interface-number ] { inbound |
outbound } [ [ ipv6 ] { acl-number | name
acl-name } ]
10
Remarks
N/A
By
default,
the
packet
permits packets that do not match
any ACL rule to pass.
vlan-interface-number
statistics
{ inbound |
verbose
{ inbound |
statistics
filter
interface
interface
interface
Hide quick links:
Advertisement
Table of Contents
Need help?
Do you have a question about the FlexNetwork 5510 HI Series and is the answer not in the manual?