Table of Contents
Advertisement
S9700 Core Routing Switch
Configuration Guide - SPU
Prerequisites
The configuration file for storing the blacklist and whitelist is available.
Context
The configuration file must be in txt format, and the contents are as follows:
[FirewallBlacklist] # A blacklist entry
IPAddress =
notation
VPNName =
[FirewallWhitelist]
IPAddress =
notation
VPNName =
decimal notation
A configuration file can contain multiple entries, but each entry must be edited separately. Blank
lines are allowed between lines.
[FirewallBlacklist]
IPAddress = 210.10.10.1
VPNName = vpna
[FirewallBlacklist]
IPAddress = 220.10.10.2
VPNName =
[FirewallWhitelist]
IPAddress = 10.10.10.1
VPNName = vpnb
[FirewallWhitelist]
IPAddress =20.20.20.1
VPNName =
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
firewall black-white-list load configuration-file configuration-file-name
The blacklist and whitelist configuration file is loaded.
The configured blacklist takes effect only after you run the firewall blacklist enable command
to enable the blacklist.
The entries in the whitelist take effect directly and you do not need to enable the whitelist
function.
A blacklist supports up to 4096 entries, and a whitelist supports up to 1024 entries.
----End
Follow-up Procedure
Run the firewall black-white-list save command to save the blacklist and whitelist to the
specified configuration file to load next time.
Issue 01 (2012-03-15)
NOTE
A configuration file can contain up to 50000 lines.
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
# An IP address in the blacklist, in dotted decimal
# (Optional) VPN instance of the blacklist
# A whitelist entry
# An IP address in the whitelist, in dotted decimal
# (Optional) VPN instance of the whitelist, in dotted
2 Firewall Configuration
44
Advertisement
Table of Contents
