whitelist acl

Function

The whitelist acl command adds packets matching specific ACL rules to the whitelist.

The undo whitelist command deletes the added packets from the whitelist.

By default, no ACL rules are specified to add matching packet to the whitelist.

Format

whitelist [ ipv6 ] acl { acl-number | name acl-name }

undo whitelist [ ipv6 ]

Parameters

Parameter Description Value
ipv6

Configures an IPv6 whitelist. If this parameter is not specified, an IPv4 whitelist is configured.

-
acl-number

Specifies the number of an ACL.

It is an integer ranging from 2000 to 3999.
name acl-name

Specifies the name of an ACL.

The value is a string of 1 to 64 case-sensitive characters without spaces. The value must start with a letter (a to z or A to Z, case sensitive).

Views

Attack defense policy view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
cpu-defend write

Usage Guidelines

Usage Scenario

You can flexibly configure a whitelist by defining ACL rules.

Prerequisites

ACL rules are configured.

Precautions

In VS mode, this command is supported only by the admin VS.

If a CAR value has been configured for the whitelist, you need to consider the impact on the configured CAR when binding an ACL rule.

Example

# Add packets matching ACL 2001 to the whitelist in attack defense policy 8.
<HUAWEI> system-view
[~HUAWEI] acl 2001
[*HUAWEI-acl4-basic-2001] quit
[*HUAWEI] cpu-defend policy 8
[*HUAWEI-cpu-defend-policy-8] whitelist acl 2001
Parent Topic: Local Attack Defense Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >