H3c-technologies H3C SecBlade NetStream Cards Manual de usuario Pagina 151
- Pagina / 349
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
136
CAUTION:
If you are using the host device to generate comprehensive log data for the ACL matching packets, also
follow these guidelines:
• Do not assign the packet filtering enabled port to VLAN 1.
• Configure the port that connects the device to the card as a trunk port, and remove the port from all bu
t
VLAN 1.
2. Configuring a SecBlade NetStream card to generate comprehensive log data for the ACL
matching packets
If your use the SecBlade NetStream card on the distributed or distributed IRF member device, to generate
comprehensive log data for the ACL matching packets. Configure the interface that connects the card to
the device to periodically output IPv4 packet filtering logs. The log data includes the destination IP
address, source IP address, destination port, source port, protocol number, filtering action, and the
number of matching packets.
Follow these steps to configure a card to generate comprehensive log data for the ACL matching packets:
To do… Use the command…
Remarks
Enter system view system-view —
Enter Layer 2 Ethernet interface view
interface interface-type
interface-number
—
Configure the port as a trunk port port link-type trunk
Required
The default link type of a port is
access.
Assign the port to all VLANs port trunk permit vlan all
Required
By default, a trunk port is in VLAN 1.
Enable the IPv4 packet filtering
logging function
packet-filter logging enable
Required
Disabled by default.
Exit to system view quit
—
Set the interval for generating and
outputting IPv4 packet filtering logs
packet-filter logging-interval
interval
Optional
The default interval is 10 seconds.
Displaying and maintaining ACLs
To do... Use the command…
Remarks
Display configuration and match
statistics for one or all IPv4 ACLs
display acl { acl-number | all | name
acl-name }
Available in any view
Display information about the IPv4
ACL acceleration feature
display acl accelerate { acl-number | all } [ |
{ begin | exclude | include }
regular-expression ]
Available in any view
Clear statistics for one or all IPv4
ACLs
reset acl counter { acl-number | all | name
acl-name }
Available in user view
- H3C SecBlade NetStream Card 1
- Preface 3
- GUI conventions 4
- Symbols 4
- Network topology icons 4
- Port numbering in examples 4
- Obtaining documentation 5
- Technical support 5
- Documentation feedback 5
- Contents 6
- CLI configuration 16
- Entering the CLI 17
- Command conventions 17
- Undo form of a command 18
- CLI views 18
- Using the CLI online help 19
- Typing commands 20
- Typing incomplete keywords 21
- Configuring command aliases 21
- Configuring CLI hotkeys 22
- System Mana 23
- Maintenance Command Reference 23
- Checking command-line errors 24
- Using command history 24
- Controlling the CLI display 25
- Filtering output information 26
- Character Meanin 27
- Remarks 27
- Login methods 35
- Users and user interfaces 36
- Numbering user interfaces 36
- CLI login 37
- Login procedure 38
- Logging in through telnet 47
- ACSEI timers 58
- ACSEI startup and running 58
- NMS login 61
- NMS login example 63
- User login control 65
- NMS users 68
- Interface configuration 70
- General configuration 71
- IP addressing configuration 80
- Special IP addresses 81
- Subnetting and masking 81
- Configuring IP addresses 82
- 172.16.1.1/24 83
- 172.16.2.1/24 sub 83
- 172.16.1.2/24 83
- 172.16.2.2/24 83
- IP routing overview 85
- Dynamic routing protocols 86
- Routing preference 87
- Route recursion 87
- Static routing configuration 89
- Configuring a static route 90
- What is policy-based routing 93
- Configuring PBR 94
- Configuring local PBR 96
- Configuring interface PBR 96
- VLAN configuration 98
- VLAN fundamentals 99
- VLAN types 100
- Protocols and standards 100
- VLAN interface overview 101
- Configuration procedure 101
- Network requirements 102
- Verification 103
- Port link type 103
- Default VLAN 104
- To do... Use the command… 109
- Remarks 109
- Overview 110
- Working mechanism 115
- Configure the SecBlade card 119
- GE3/0/1 GE3/0/2 121
- XGE2/0/1 121
- ARP configuration 128
- Operation of ARP 129
- Configuring ARP 130
- ARP configuration example 133
- Gratuitous ARP configuration 135
- Configuring gratuitous ARP 136
- Proxy ARP configuration 137
- Local proxy ARP 138
- Enabling proxy ARP 139
- 2. Configure the SecBlade 143
- ACL configuration 144
- Match order 145
- ACL rule numbering 145
- ACL configuration task list 146
- Configuring an ACL 146
- Copying an IPv4 ACL 149
- Packet filtering with ACLs 150
- ACL configuration example 152
- NetStream overview 154
- How NetStream works 155
- Flow aging 155
- NetStream data export 156
- NetStream export formats 157
- NetStream filtering 157
- NetStream sampling 157
- IPv4 NetStream configuration 159
- Enabling IPv4 NetStream 160
- To do… Use the command… 166
- IPv6 NetStream configuration 167
- Configuration considerations 172
- Configuring the host device 173
- Configuring the NSC 175
- 1. Configure the Device 176
- Device management 188
- Configuring the system time 189
- Displaying the system time 189
- Configuring banners 192
- Rebooting the device 195
- Configuring a scheduled task 196
- NOTE: 204
- NTP configuration 205
- How NTP works 206
- NTP message format 207
- Operation modes of NTP 208
- Symmetric peers mode 209
- Broadcast mode 209
- NTP configuration task list 210
- Configuration prerequisites 213
- NTP configuration examples 214
- SecBlade and Device 217
- Automatic configuration 218
- Address acquisition process 220
- File types 221
- TFTP request sending mode 223
- FTP configuration 224
- Configuring the FTP client 225
- 10.1.1.1/16 229
- 10.3.1.1/16 229
- 10.2.1.1/16 229
- Configuring the FTP server 230
- 3. Upgrade SecBlade 233
- TFTP configuration 235
- Configuring the TFTP client 236
- File management 239
- Performing file operations 241
- Renaming a file 242
- Copying a file 242
- Moving a file 242
- Deleting a file 242
- Performing batch operations 243
- Setting prompt modes 245
- Example for file operations 246
- Configuration file overview 247
- Introduction 248
- Configuration rollback 250
- Configuration task list 250
- Device software overview 256
- Software upgrade methods 257
- Basic concepts in hotfix 258
- Patch status 259
- DEACTIVE state 260
- ACTIVE state 260
- RUNNING state 261
- One-step patch installation 262
- Loading a patch file 263
- Activating patches 263
- Confirming running patches 264
- Stopping running patches 264
- Deleting patches 264
- Network requirement 265
- Hotfix configuration example 267
- Configuring ping 268
- Tracert 269
- System debugging 270
- Information center overview 273
- System information format 277
- PRI (priority) 278
- Managing security logs files 287
- 1.1.0.1/16 1.2.0.1/16 290
- SNMP configuration 295
- SNMP configuration task list 296
- Configuring SNMPv3 297
- Configuring SNMP logging 299
- Configuring SNMP traps 299
- Enabling SNMP traps 300
- Configuring trap parameters 300
- SNMP configuration examples 302
- SNMPv3 configuration example 303
- 1.1.1.2/24 304
- XGE4/0/1XGE0/0 304
- 1.1.1.1/24 304
- MIB style configuration 307
- RMON configuration 308
- RMON groups 309
- Alarm group 310
- Private alarm group 310
- XGE4/0/1 314
Relacionado con productos y manuales para La Seguridad H3c-technologies H3C SecBlade NetStream Cards
(66 paginas)© 2020, manymanuals.es. Todos los derechos reservados | 0.042 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales