cp-acl ip-pool enable

Function

The cp-acl ip-pool enable command enables the address pool function for an attack defense policy.

The undo cp-acl ip-pool enable command disables the address pool function for an attack defense policy.

By default, the address pool function is disabled for an attack defense policy.

Format

cp-acl ip-pool enable

undo cp-acl ip-pool enable

Parameters

None

Views

Attack defense policy view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
device-mgr write

Usage Guidelines

Usage Scenario

After an address pool is configured and bound to an ACL rule, the address pool may need to be applied to an attack defense policy using the blacklist, whitelist, or user-defined flow. To enable the address pool function for an attack defense policy, run the cp-acl ip-pool enable command.

Precautions

In VS mode, this command is supported only by the admin VS.

The address pool function is disabled for an attack defense policy by default. To have an ACL rule configured with an address pool take effect in an attack defense policy, run the cp-acl ip-pool enable command.

Example

# Enable the address pool function for attack defense policy 1.
<HUAWEI> system-view
[~HUAWEI] cpu-defend policy 1
[~HUAWEI-cpu-defend-policy-1] cp-acl ip-pool enable
Parent Topic: Local Attack Defense Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >