R3303-HP HSR6800 Routers Security Command Reference
530
|: Filters command output by specifying a regular expression. For more information about regular
expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Usage guidelines
If you do not specify any parameter, the command displays information about all ACLs for all GMs,
including the downloaded ACLs and the locally configured ACLs. A locally configured ACL refers to the
ACL referenced by the GDOI IPsec policy.
Examples
# Display information about all ACLs for all GMs.
<Sysname> display gdoi gm acl
Group Name: abc
ACL Downloaded From KS 12.1.1.100:
rule 0 permit ip
rule 1 permit ip source 12.1.1.0 0.0.0.255 destination 12.1.1.0 0.0.0.255
ACL Configured Locally:
IPsec Policy Name: gdoi-group1
ACL Identifier: 3001
rule 0 deny ip source 10.1.1.0 0.0.0.255 destination 10.1.1.0 0.0.0.255
Group Name: 123
ACL Downloaded From KS 12.1.1.100:
rule 1 permit ip source 13.1.1.0 0.0.0.255 destination 13.1.2.0 0.0.0.255
# Display the ACL information that GMs downloaded from the KS.
<Sysname> display gdoi gm acl download
Group Name: abc
ACL Downloaded From KS 12.1.1.100:
rule 0 permit ip
rule 1 permit ip source 12.1.1.0 0.0.0.255 destination 12.1.1.0 0.0.0.255
# Display the ACL information locally configured on GMs.
<Sysname> display gdoi gm acl local
Group Name: abc
ACL Configured Locally:
IPsec Policy Name: gdoi-group1
ACL Identifier: 3001
rule 0 deny ip source 10.1.1.0 0.0.0.255 destination 10.1.1.0 0.0.0.255
Table 90 Command output
Field Description
Group Name GDOI GM group name.
rule 0 permit ip Indicates that IPsec protects any IP packets.