HP 7000 dl Router Series Guia do Utilizador Página 254
- Página / 941
- Índice
- MARCADORES
Avaliado. / 5. Com base em avaliações de clientes
SROS Command Line Interface Reference Guide Global Configuration Mode Command Set
5991-2114 © Copyright 2005 Hewlett-Packard Development Company, L.P. 254
Functional Notes
Access control lists (ACLs) are used as packet selectors by other Secure Router OS systems; by
themselves they do nothing. ACLs are composed of an ordered list of entries with an implicit deny all at
the end of each list. An ACL entry contains two parts: an action (permit or deny) and a packet pattern. A
permit ACL is used to allow packets (meeting the specified pattern) to enter the router system. A deny ACL
advances the Secure Router OS to the next access policy entry. The Secure Router OS provides two types
of ACLs: standard and extended. Standard ACLs allow source IP address packet patterns only. Extended
ACLs may specify patterns using most fields in the IP header and the TCP or UDP header.
ACLs are performed in order from the top of the list down. Generally, the most specific entries should be at
the top and the most general at the bottom.
The following commands are contained in the access-list extended:
remark
Use the remark command to associate a descriptive tag (up to 80 alphanumeric characters encased in
quotation marks) to the access-list. Enter a functional description for the list such as “This list blocks all
outbound web traffic”.
log
Using the log keyword logs a message (if debug access-list is enabled for this access list) when the access
list finds a packet match.
Usage Examples
The following example creates an access list AllowIKE to allow all IKE (UDP Port 500) packets from the
190.72.22.55.0/24 network:
(config)#ip access-list extended AllowIKE
(config-ext-nacl)#permit udp 190.72.22.55.0 0.0.0.255 eq 500 any eq 500
For more details, refer to the ProCurve SROS Documentation CD for technical support notes regarding
access-list configuration.
Technology Review
Creating access policies and lists to regulate traffic through the routed network is a four-step process:
Step 1:
Enable the security features of the
Secure Router OS
using the ip firewall command.
Step 2:
Create an access control list (using the ip access-list command) to permit or deny specified traffic.
Standard access lists provide pattern matching for source IP addresses only. (Use extended access lists
for more flexible pattern matching.) IP addresses can be expressed in one of three ways:
1. Using the keyword any to match any IP address. For example, entering deny any will effectively shut
down the interface that uses the access list because all traffic will match the any keyword.
- SROS Command Line Interface 1
- Publication Number 2
- Applicable Products 2
- Disclaimer 2
- Warranty 2
- Table of Contents 3
- REFERENCE GUIDE INTRODUCTION 4
- CLI INTRODUCTION 4
- Using CLI Shortcuts 6
- BASIC MODE COMMAND SET 10
- Functional Notes 13
- ENABLE MODE COMMAND SET 20
- Syntax Description 100
- Default Values 100
- Command Modes 100
- Usage Examples 100
- >enable 129
- Technology Review 139
- [detail] 157
- <subnet>] 164
- 12 65520 3 0 30 174
- 13 131056 0 0 0 174
- <interface id>] 182
- No subcommands 186
- > show sntp 186
- Technology Review (Continued) 207
- <backup filename>] 213
- Functional Notes (Continued) 272
- Enabled? 275
- OS Firewall Response Common 275
- <listname> 335
- <trap type> 339
- DHCP POOL COMMAND SET 355
- IKE POLICY COMMAND SET 373
- OLICY ATTRIBUTES COMMAND SET 386
- IKE CLIENT COMMAND SET 392
- CRYPTO MAP IKE COMMAND SET 396
- CRYPTO MAP MANUAL COMMAND SET 405
- RADIUS GROUP COMMAND SET 416
- <password>] 475
- T1 Network Interface 511
- Default Values (Continued) 620
- NTERFACE CONFIG COMMAND SET 644
- Syntax Description> 692
- BGP CONFIGURATION COMMAND SET 705
- <slot/port> 722
- Usage Example 795
- (config)#interface tunnel 1 796
- HDLC COMMAND SET 811
- COMMON COMMANDS 922
Manuais e produtos relacionados com Redes HP 7000 dl Router Series
Redes HP G510g Guia de Configuração
(4 páginas)
(4 páginas)
Redes HP S10 Manual do Utilizador
(134 páginas)
(134 páginas)
Redes HP MSM3XX Manual do Utilizador
(114 páginas)
(114 páginas)
Redes HP Moonshot Component Packs Manual do Utilizador
(117 páginas)
(117 páginas)
Redes HP 10BASE-T Manual de Instalação
(16 páginas)
(16 páginas)
Redes HP Printer PCLA8205B Manual do Utilizador
(49 páginas)
(49 páginas)
Redes HP Network Card 232664-006 Manual do Utilizador
(205 páginas)
(205 páginas)
Redes HP C4740 Guia do Utilizador
(8 páginas)
(8 páginas)
Redes HP E5000 Guia do Utilizador
(199 páginas)
(199 páginas)
Redes HP J6424 Guia de Início Rápido
(52 páginas)
(52 páginas)
Redes HP Moonshot 1500 Chassis Manual de Instalação
(64 páginas)
(64 páginas)
Redes HP 3050A Guia do Utilizador
(24 páginas)
(24 páginas)
Redes HP T1453-90001 Manual do Utilizador
(78 páginas)
(78 páginas)
Redes HP VMA-series Memory Arrays Manual do Utilizador
(278 páginas)
(278 páginas)
Redes HP CN1000E Manual do Utilizador
(48 páginas)
(48 páginas)
Redes HP Jetdirect 175x Manual do Utilizador
(202 páginas)
(202 páginas)
Redes HP 100VG Guia do Utilizador
(46 páginas)
(46 páginas)
DeVilbiss COMPACT P2-11 manuály
Uživatelské manuály a uživatelské příručky pro Stříkací barva DeVilbiss COMPACT P2-11.
Poskytujeme 2 manuály pdf DeVilbiss COMPACT P2-11 ke stažení zdarma podle typů dokumentů: Uživatelský manuál, Specifikace
Comentários a estes Manuais