No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

OceanStor 9000 V100R001C01 Security Maintenance 08

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Checking Switch Security

Checking Switch Security

This section uses the HUAWEI QuidWay S5700-52C-SI switch as an example and introduces how to check the switch ACL configuration to confirm the security of its received data packets.

HUAWEI QuidWay S5700-52C-SI switch, a member of the Quidway S5700 series, serves as an example in this section. A check is conducted on the ACL configurations to make sure that the data packets received by the service system are secure.

ACL is a series of sequential rules composed of permit | deny statements. An ACL can be invoked using an applicable process or protocol to filter source addresses, destination addresses, and port numbers of data packets.

For details about how to configure the Quidway S5700, see the Quidway S5700 Product Documentation. Log in to http://support.huawei.com/enterprise. Enter S5700 in the search box, and click the path displayed below the search box to enter the product page.

NOTE:
The ACL commands mentioned in this section are applicable to S5700 V200R001C00. For details about the ACL commands actually used, see the product documentation of the corresponding switch version.

Description of ACL Commands

Run the following commands to check ACL configuration:

  • display acl {acl-number | all} to display ACL rules by their numbers
  • display acl name {acl-name} to display ACL rules by their names
  • display time-range {all | time-name} to check the time range information
  • display acl resource slot {slot-id} to display ACL resources

Examples of ACL Commands

NOTE:

The ACL names, numbers, IP addresses, and port numbers in the following examples are for reference only.

  • Run the display acl command to display the ACL number, quantity of rules, step, and rule content.
    <Quidway> display acl 3000
    Advanced ACL  3000, 1 rule
    Acl's step is 5
    rule 5 deny ip source 10.1.1.1 0
    
  • Run the display acl name to display the ACL name, number, quantity of rules, step, and rule content.
    <Quidway> display acl name test
    Advanced ACL test 3999, 1 rule
    Acl's step is 5
     rule 5 permit tcp
    
  • Run the display time-range command to display the configuration and status of current time range.
    <Quidway>  display time-range all
    Current time is 14:19:16 12-4-2012 Tuesday
    Time-range : time1 ( Inactive )
     10:00 to 12:00 daily
    from 09:09 2012/9/9 to 23:59 2099/12/31
    
  • Run the display acl resource command to display the current usage information of ACL resources.
    <Quidway> display acl resource slot 0
     Slot  0  Unit  0 :                                                            
        Unit 0: GE0/0/25 to GE0/0/48                                                
        Unit 1: GE0/0/1 to GE0/0/24                                                 
                     Pre-Ingress       Ingress      Egress                       
    --------------------------------------------------------    
      Rule Used                0             4        0                          
      Rule Free             1024         2812        512                          
      Rule Total            1024         2816        512                          
                                                                                    
      Meter Used               0             0        0                          
      Meter Free             512         1408        256                          
      Meter Total            512         1408        256                          
                                                                                    
      Counter Used             0             1        0                          
      Counter Free           512         1407        512                          
      Counter Total          512         1408        512                          
    --------------------------------------------------------    
      Slot  0  Unit  1 :                                                            
        Unit 0: GE0/0/25 to GE0/0/48                                                
        Unit 1: GE0/0/1 to GE0/0/24                                                 
                        Pre-Ingress       Ingress    Egress                       
    --------------------------------------------------------    
      Rule Used                0            6         0                          
      Rule Free             1024         2810        512                          
      Rule Total            1024         2816        512                          
                                                                                    
      Meter Used               0            1         0                          
      Meter Free             512         1407        256                          
      Meter Total            512         1408        256                          
                                                                                    
      Counter Used             0            2         0                          
      Counter Free           512         1406        512                          
      Counter Total          512         1408        512 
    --------------------------------------------------------   
    
Download
Updated: 2018-10-27

Document ID: EDOC1000042184

Views: 8603

Downloads: 183

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next