The following articles cover the firewall section of the Huawei router configuration command. The configuration commands for the firewall section are all listed below. I hope those who are interested can get the result. Today, I am going to introduce you to the firewall section of the Huawei router configuration command. I hope this article will teach you more things and bring convenience to your life.
Parameter description]
◆ Begin-time is the start time of a time period.
◆ End-time is the end time of a time period, which must be later than the start time.
Huawei router configuration command default situation]
◆ The system does not set the time period by default, that is, all of them are considered normal time periods.
Command mode]
◆ Global configuration mode
User Guide]
◆ Use this command to set the time period. You can set up to six time periods at the same time. You can see the time set through the show timerange command. If you have used a time period to change the time period, the modification takes effect within one minute ).
◆ The set time should be in the 24-hour format. If you want to set a time period similar to PM to AM, you can set it to "settr" because the two endpoints of the configured time period are within the time period, therefore, there will be no internal and external switchover. In addition, this setting has also been tested with a 2000 problem.
Example of a Huawei router configuration command]
◆ Example 1: set the time range ~ ~ 17: 00.
◆ Quidway (config) # settr
◆ Example 2: set the time range to PM to AM.
◆ Quidway (config) # settr
Related commands]
◆ Timerange, show timerange
◆ Show access-list: displays packet filtering rules and applications on interfaces.
◆ Show access-list [all | listnumber | interface-name]
Huawei router configuration command parameter description]
◆ "All" indicates all rules, including rules in common periods and special periods.
◆ Listnumber indicates the rule with the serial number of listnumber in the currently used rule.
◆ Interface indicates the sequence number of the rule to be applied on the specified interface.
◆ Interface-name indicates the interface name.
Command mode]
◆ Privileged user mode
User Guide]
◆ Use this command to display the specified rule and view the rule packet filtering status. Each rule has a corresponding counter. If a packet is filtered by this rule, the counter is added with 1. The observation of the counter shows that in the configured rule, which rules are valid and which are basically invalid. You can use the show access-list command with the interface keyword to view the application rules of an interface.
Example of a Huawei router configuration command]
◆ Example 1: display the rule with the serial number 100 currently used.
◆ Quidway # show access-list 100 Using normal packet-filtering access rules notes100 deny icmp 10.1.0.0 0.0.255.255 any host-redirect (3 matches, 252 bytes -- rule 1) 100 permit icmp 10.1.0.0 0.0.255.255 any echo (no matches -- rule 2) 100 deny udp any eq rip (no matches -- rule 3)
◆ Example 2: displays the application of rules on the Interface Serial0. Quidway # show access-list interface serial 0Serial0: access-list filtering In-bound packets: 120access-list filtering Out-bound packets: None
Related commands]
◆ Access-list
◆ Show firewall: displays the firewall Status.
◆ Show firewall
Huawei router configuration command mode]
◆ Privileged user mode
User Guide]
◆ Use this command to display the status of the firewall, including whether the firewall is enabled, whether the firewall is enabled with time packet filtering, and some firewall statistics.
Example of a Huawei router configuration command]
◆ Display the Firewall Status.
◆ Quidway # show firewallFirewall is enable, default filtering method is 'permit '. timeRange packet-filtering enable. inBound packets: None; OutBound packets: 0 packets, 0 bytes, 0% permitted, 0 packets, 0 bytes, 0% denied, 2 packets, 104 bytes, 100% permitted defaultly, 0 packets, 0 bytes, 100% denied defaultly. from 00:13:02 to 06: 13: 21: 0 packets, 0 bytes, permitted.
Related commands]
◆ Firewall
◆ Show isintr shows whether the current time is within the time range.
◆ Show isintr
Command mode]
◆ Privileged user mode
User Guide]
◆ Use this command to show whether the current time is within the time range.
Example of a Huawei router configuration command]
◆ Shows whether the current time is within the time range.
◆ Quidway # show isintr
◆ It is NOT in time ranges now.
Related commands]
◆ Timerange, settr
◆ Show timerange: displays the information filtered by the time range package.
◆ Show timerange
Huawei router configuration command mode]
◆ Privileged user mode
User Guide]
◆ Use this command to show whether to allow time period package filtering and the set time period.
Example of a Huawei router configuration command]
◆ Display the information filtered by the time range package.
◆ Quidway # show timerangeTimeRange packet-filtering enable. beginning of time range: 01: 00-0:000:00-04: 00end of time range.
Related commands]
◆ Timerange, settr
◆ Timerange enable or disable time period package filtering.
◆ Timerange {enable | disable}
Huawei router configuration command parameter description]
◆ Enable indicates that time packet filtering is enabled.
◆ Disable indicates that time packet filtering is prohibited.
Default condition]
◆ The system disables the time packet filtering function by default.
Huawei router configuration command mode]
◆ Global configuration mode
User Guide]
◆ Use this command to enable or disable the time period package filtering function. You can view the configuration result through the show firewall command or the show timerange command. After the time period package filtering function is enabled, the system will determine the rules that are used in special periods of time based on the current time and the set time period) or general rules outside the time period. The precision of the system query time period is 1 minute. The two endpoints of the set time period belong to the time period.
Example of a Huawei router configuration command]
◆ Enable the time period package filtering function.
◆ Quidway (config) # timerange enable
Related commands]
◆ Settr, show timerange