338
Configuring a packet-filter firewall
Packet-filter firewall configuration task list
Task Remarks
Enabling the firewall function
Required
Configuring the default filtering action of the firewall
Optional
Enabling fragment inspection
Optional
Configuring the high and low thresholds for fragment inspection
Optional
Configuring packet filtering on an interface
Required
Configuring Ethernet frame filtering
Optional
Enabling the firewall function
Enabling the IPv4 firewall function
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Enable the IPv4 firewall function.
firewall
enable
Disabled by default.
Enabling the IPv6 firewall function
To enable the IPv6 firewall function:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Enable the IPv6 firewall function.
firewall ipv6 enable
Disabled by default.
Configuring the default filtering action of the firewall
The default filtering action configuration is used for the firewall to determine whether to permit a data
packet to pass or deny the packet when there is no appropriate criterion for judgment.
IPv4 application
To configure the default filtering action of the IPv4 firewall:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Specify the default filtering
action of the firewall.
firewall default
{
deny
|
permit
}
Optional.
permit
(permit packets to pass
the firewall) by default.
IPv6 application
To configure the default filtering action of the IPv6 firewall:
To Next Page
Loading...
Need help?
General
