Packet-Filter (Zone Pair View) - HPE FlexNetwork HSR6800 series Command Reference Manual
Comware 7 acl and qos
Hide thumbs
Also See for FlexNetwork HSR6800 series:
- Security command reference (538 pages) ,
- Configuration manual (503 pages) ,
- Command reference manual (35 pages)
Table of Contents
Advertisement
This feature does not take effect on an interface that is an aggregation member port.
Examples
# Apply IPv4 basic ACL 2001 to filter incoming traffic on GigabitEthernet 2/1/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/1/1
[Sysname-GigabitEthernet2/1/1] packet-filter 2001 inbound
Related commands
display packet-filter
display packet-filter statistics
display packet-filter verbose
packet-filter (zone pair view)
Use packet-filter to apply an ACL to a zone pair to filter packets.
Use undo packet-filter to remove an ACL from a zone pair.
Syntax
packet-filter [ ipv6 ] { acl-number | name acl-name }
undo packet-filter [ ipv6 ] { acl-number | name acl-name }
Default
No ACL is applied to a zone pair to filter packets.
Views
Zone pair view
Predefined user roles
network-admin
Parameters
ipv6: Specifies the IPv6 ACL type. To specify the IPv4 ACL type, do not provide this keyword.
acl-number: Specifies an ACL by its number. The following are available value ranges:
•
2000 to 2999 for basic ACLs.
•
3000 to 3999 for advanced ACLs.
name acl-name: Specifies an ACL by its name. The acl-name argument is a case-insensitive string
of 1 to 63 characters.
Examples
# Apply IPv4 basic ACL 2002 to filter traffic from source security zone office to destination security
zone library.
<Sysname> system-view
[Sysname] zone-pair security source office destination library
[Sysname-zone-pair-security-office-library] packet-filter 2002
Related commands
display packet-filter
display packet-filter statistics
display packet-filter verbose
16
Advertisement
Table of Contents
