Configuration of a Firewall-HUAWEI

********Firewall Configuration*********

To add IP address to the firewall blacklist with the aging time of 100 min, do as follows:

OLT(config)#firewall blacklist item timeout 100    
OLT(config)#firewall blacklist enable

To add the IP addresses in network segment to the firewall blacklist and bind ACL 3000 to these IP addresses, do as follows:

OLT(config)#acl 3000 
OLT(config-acl-adv-3000)#rule deny ip source destination 0 
OLT(config)#firewall blacklist enable acl-number 3000

To deny the users in network segment to access the maintenance Ethernet port with IP address on the device, do as follows:

OLT(config)#acl 3001
OLT(config-acl-adv-3001)#rule 5 deny icmp source destin
ation 0  
OLT(config)#firewall enable
OLT(config)#interface meth 0
OLT(config-if-meth0)#firewall packet-filter 3001 inbound 
 ACL applied successfully


Be the first to comment

Leave a Reply

Your email address will not be published.


For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

I agree to these terms.