The author understands the clear list rules in the Huawei router configuration command. This article describes the statistics of clear access-list counters clear access list rules. Master the following knowledge points. You only need to spend a few minutes to understand the clear list rules in the Huawei router configuration command.
Parameter description]
◆ Listnumber [Optional] sequence number of the rule for which statistics are to be cleared. If no rule is specified, statistics of all rules are cleared.
Huawei router configuration command default situation]
◆ Statistics are not cleared at any time.
Command mode]
◆ Privileged user mode
User Guide]
◆ Use this command to clear the statistics of the currently used rules. If no rule number is specified, the statistics of all rules are cleared.
Example of a Huawei router configuration command]
◆ Example 1: Clear the statistics of the rule with the serial number 100 currently used.
◆ Quidway # clear access-list count 100
◆ Example 2: Clear the statistics of all currently used rules.
◆ Quidway # clear access-list counters
Related commands]
◆ Access-list
◆ Enable or disable firewall in firewall.
◆ Firewall {enable | disable}
Parameter description]
◆ Enable indicates that the firewall is enabled.
◆ Disable indicates that the firewall is disabled.
Huawei router configuration command default situation]
◆ The firewall is disabled by default.
Command mode]
◆ Global configuration mode
User Guide]
◆ Use this command to enable or disable the firewall. You can view the result through the show firewall command. If time packet filtering is adopted, the firewall is also disabled when it is disabled. This command controls the firewall's overall switch. When you use the firewall disable command to disable the firewall, the firewall's statistics will also be cleared.
Example of a Huawei router configuration command]
◆ Enable Firewall.
◆ Quidway (config) # firewall enable
Related commands]
◆ Access-list, ip access-group
◆ Firewall default: the default filtering method when the firewall does not match the corresponding access rules.
◆ Firewall default {permit | deny}
Parameter description]
◆ Permit indicates that the default filter attribute is "allowed ".
◆ Deny indicates that the default filter attribute is "forbidden ".
Huawei router configuration command default situation]
◆ When the firewall is enabled, packets are allowed to pass by default.
Command mode]
◆ Global configuration mode
User Guide]
◆ When none of the rules applied on the interface can determine whether a message should be allowed or disabled, the default filter attribute will take effect. If the default filter attribute is "Allowed ", the packet can pass, otherwise the packet is discarded.
Example of a Huawei router configuration command]
◆ Set the default filter attribute to "allowed ".
◆ Quidway (config) # firewall default permit
◆ Ip access-group use this command to apply the rule to the interface. Use the no command to delete the corresponding settings.
◆ Ip access-group listnumber {in | out}
◆ [No] ip access-group listnumber {in | out}
Parameter description]
◆ Listnumber is the rule serial number, which is 1 ~ A value between 199.
◆ In indicates that the rule is used to filter packets received from interfaces.
◆ Out indicates that the rule is used to filter packets forwarded from the API.
Huawei router configuration command default situation]
◆ No rules apply to interfaces.
Command mode]
◆ Interface configuration mode.
User Guide]
◆ Use this command to apply rules to interfaces. If you want to filter packets received from interfaces, use the in keyword. If you want to filter packets forwarded from interfaces, use the out keyword. Up to 20 different rules can be applied in one direction of an interface. These rules are arranged according to the sequence number, and the sequence number is higher than the rule number, that is, the priority is higher.
◆ When filtering packets, the filtering result will be obtained by finding the matching rules to speed up the filtering. Therefore, when configuring rules, we recommend that you put the rules configured for the same network in the access list of the same serial number; In the access list of the same serial number, you can use the show access-list command to view the order of the rules.
Example of a Huawei router configuration command]
◆ Apply Rule 101 to filter packets received from the Ethernet port.
◆ Quidway (config-if-Ethernet0) # ip access-group 101 in
Related commands]
◆ Access-list