H3C SecPath Series Скачать руководство пользователя страница 8

Страница: 8 / 27

ARP attack defense configuration commands

ARP automatic scanning and fixed ARP

configuration commands

arp fixup

Syntax

arp fixup

View

System view

Default Level

2: System level

Parameters

None

Description

Use the

arp fixup

command to change dynamic ARP entries into static ARP entries.

Note the following:

•

The static ARP entries changed from dynamic ARP entries have the same attributes as the static ARP
entries manually configured. Use the

arp fixup

command to change the recently created dynamic

ARP entries into static.

•

The number of static ARP entries changed from dynamic ARP entries is restricted by the number of
static ARP entries that the firewall supports. As a result, the firewall may fail to change all dynamic

ARP entries into static.

•

Suppose that the number of dynamic ARP entries is

and that of the existing static ARP entries is

When the dynamic ARP entries are changed into static, new dynamic ARP entries may be created

(suppose the number is

) and some of the dynamic ARP entries may be aged out (suppose the

number is

). After the process is complete, the number of static ARP entries is

–

•

To delete a specific static ARP entry changed from a dynamic one, use the

undo arp

ip-address

[

vpn-instance-name

] command. To delete all such static ARP entries, use the

reset arp all

reset

arp static

command.

Examples

# Enable Fixed ARP.

<Sysname> system-view

[Sysname] arp fixup

Содержание SecPath Series

Страница 1: ...High End Firewalls Attack Protection Command Reference Hangzhou H3C Technologies Co Ltd http www h3c com Software version SECPATH1000FE SECBLADEII CMW520 R3166 SECPATH5000FA CMW520 R3206 Document vers...

Страница 2: ...ware Secware Storware NQA VVG V2 G Vn G PSPT XGbus N Bus TiGem InnoVision and HUASAN are trademarks of Hangzhou H3C Technologies Co Ltd All other trademarks that may be mentioned in this manual are th...

Страница 3: ...mand conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown Italic Italic text represents arguments that you replace with actual value...

Страница 4: ...ot understood or followed can result in personal injury CAUTION An alert that calls attention to important information that if not understood or followed can result in data loss data corruption or dam...

Страница 5: ...s Configuration examples Describe typical network scenarios and provide configuration examples and instructions Operations and maintenance Software upgrade guide Describes the software upgrade procedu...

Страница 6: ...Technical support service h3c com http www h3c com Documentation feedback You can e mail your comments about product documentation to info h3c com We appreciate your comments...

Страница 7: ...l http activex blocking suffix 9 firewall http java blocking acl 9 firewall http java blocking enable 10 firewall http java blocking suffix 11 firewall http url filter host acl 11 firewall http url fi...

Страница 8: ...estricted by the number of static ARP entries that the firewall supports As a result the firewall may fail to change all dynamic ARP entries into static Suppose that the number of dynamic ARP entries...

Страница 9: ...primary IP address of the interface resides for neighbors The start IP address and end IP address must be on the same network as the primary IP address or manually configured secondary IP addresses o...

Страница 10: ...of 1 to 9 characters It must start with a dot and consist of characters 0 to 9 a to z and A to Z verbose Specifies detailed information Description Use the display firewall http activex blocking comma...

Страница 11: ...keywords Specifies a blocking suffix keyword It is a string of 1 to 9 characters It must start with a dot and consist of characters 0 to 9 a to z and A to Z verbose Specifies detailed information Des...

Страница 12: ...ring keywords item keywords Specifies a filtering keyword The keywords argument is a case insensitive string of 1 to 80 characters Valid characters include 0 to 9 a to z A to Z dot hyphen underline _...

Страница 13: ...eny No ACL group has been configured URL filter host has loaded file cfa0 urlfilter There are 10 packet s being filtered There are 0 packet s being passed Table 4 Output description Field Description...

Страница 14: ...cket including select had been matched for 10 times Display URL parameter filtering information about all keywords Sysname display firewall http url filter parameter all SN Match Times Keywords 1 0 se...

Страница 15: ...requests containing any suffix keywords in the ActiveX blocking suffix list will be processed according to the ACL You can specify multiple ACLs for ActiveX blocking but only the last one takes effec...

Страница 16: ...level Parameters keywords Blocking suffix keyword a case insensitive string of 1 to 9 characters It must start with a dot and consist of characters 0 to 9 a to z and A to Z Description Use the firewal...

Страница 17: ...ocking based on the ACL takes effect only after you create and configure the ACL correctly Related commands display firewall http java blocking Examples Specify the ACL for Java blocking as ACL 2002 S...

Страница 18: ...va blocking suffix command to add a Java blocking suffix keyword to the Java blocking suffix list Use the undo firewall http java blocking suffix command to remove a Java blocking suffix keyword from...

Страница 19: ...host Examples Specify URL address filtering to permit Web requests with website IP addresses permitted by ACL 2000 Sysname system view Sysname acl number 2000 Sysname acl basic 2000 rule 0 permit sour...

Страница 20: ...ter host Examples Enable the URL address filtering function Sysname system view Sysname firewall http url filter host enable firewall http url filter host ip address Syntax firewall http url filter ho...

Страница 21: ...he file storing the filtering entries The name must contain the file path Description Use the firewall http url filter host load command to configure the firewall to load a specified URL address filte...

Страница 22: ...ldcard Meaning Usage guidelines Matches website addresses starting with the keyword It can be present once at the beginning of a filtering entry Matches website addresses ending with the keyword It ca...

Страница 23: ...on for an existing filtering entry for example from deny to permit Related commands display firewall http url filter host Examples Add filtering entry china to the URL address filtering entry list and...

Страница 24: ...he URL parameter filtering entry list Use the undo firewall http url filter parameter command to remove URL parameter filtering entries from the list If no parameters are specified the undo firewall h...

Страница 25: ...url filter parameter load View System view Default level 2 System level Parameters file name Name of the file storing the parameter filtering entries The name must contain the file path Description U...

Страница 26: ...er reset firewall http Syntax reset firewall http activex blocking java blocking url filter host url filter parameter counter View User view Default level 1 Monitor level Parameters activex blocking S...

Страница 27: ...9 firewall http java blocking enable 10 firewall http java blocking suffix 1 1 firewall http url filter host acl 1 1 firewall http url filter host default 12 firewall http url filter host enable 13 f...

Результаты поиска

Содержание SecPath Series

Отзывы:

Похожие инструкции для SecPath Series

Бренды по названию

Популярные бренды

H3C SecPath Series, Справочник по командам

Результаты поиска

Содержание SecPath Series

Отзывы:

Похожие инструкции для SecPath Series

Бренды по названию

Популярные бренды