HP 6125XLG R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 16

Configuring packet filtering with ACLs This section describes procedures for applying an ACL to filter incoming or outgoing IPv4 or IPv6 packets on the specified interface. Applying an ACL to an interface for packet filtering Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view. interface interface-type interface-number N/A By default, an interface does not 3. Apply an ACL to the interface packet-filter [ ipv6 ] { acl-number | filter packets. to filter packets. name acl-name } { inbound | outbound } [ hardware-count ] You can apply up to one ACL to the same direction of an interface. Setting the interval for generating and outputting packet filtering logs After you set the interval, the device periodically generates and outputs the packet filtering logs, including the number of matching packets and the matched ACL rules. For more information about the information center, see Network Management and Monitoring Configuration Guide. To set the interval for generating and outputting packet filtering logs: Step Command Remarks 1. Enter system view. system-view N/A 2. Set the interval for generating The default setting is 0 minutes, and outputting packet filtering acl [ ipv6 ] logging interval interval which mean that no packet filtering logs. logs are generated. Setting the packet filtering default action Step 1. Enter system view. Command system-view 2. Set the packet filtering default action to deny. packet-filter default deny Remarks N/A By default, the packet filter permits packets that do not match any ACL rule to pass. Displaying and maintaining ACLs Execute display commands in any view and reset commands in user view. 10