permit | deny

Function

The permit command allows the packets that meet the rules to pass through the device.

The deny command prohibits the packets that meet the rules from passing through the device.

By default, packets meet the rules can pass.

Format

permit | deny

undo deny

Parameters

Parameter Description Value
deny

Prohibits packets from passing.

-
permit

Allows packets to pass.

-

Views

Traffic behavior view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
qos write

Usage Guidelines

Usage Scenario

If the permit or deny action is configured in both the rule command and the traffic behavior view, only packets that are permitted by the rule command are processed according to the configured traffic behavior. If the deny action is configured in either the rule command or the traffic behavior view, all matched packets are discarded.

Prerequisites

A traffic behavior is configured and the traffic behavior view is displayed.

Precautions

The deny action is mutually exclusive with other traffic actions. You can apply other traffic actions to the traffic that has been configured with the deny action only after configuring the permit action for the traffic. If both the if-match any and deny commands are configured, the MF classification function prevents all packets from passing through an interface, including even protocol packets. Therefore, exercise caution when using combinations of the preceding commands.

Example

# Allow the packets to pass through the device.
<HUAWEI> system-view
[~HUAWEI] traffic behavior b1
[*HUAWEI-behavior-b1] permit
# Prohibit the packets from passing through the device.
<HUAWEI> system-view
[~HUAWEI] traffic behavior b1
[*HUAWEI-behavior-b1] deny
Parent Topic: Class-based QoS Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >