F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Attack Protection Configuration Guide-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

111

112

113

114

115

116

117

118

119

120

112

NOTE:

• POP3 filtering policies created in system view belong to the default VD.

• POP3 filtering policies created in VD view belong to the corresponding VD.

214BConfiguring an FTP filtering policy

You can specify multiple filtering entries for filtering FTP packets in an FTP filtering policy. Packets that

match any filtering entry are dropped.

An FTP filtering policy can contain different types of filtering entries and each type can contain multiple

filtering entries.

To configure an FTP filtering policy:

Ste

Command

Remarks

1. Enter system view. system-view N/A

2. Enter VD view.

switchto vd vd-name

This command is required for entering the

system view of a non-default VD.

3. Create an FTP

filtering policy and

enter its view.

content-filtering ftp-policy

policy-name

By default, no FTP filtering policy exists.

4. Specify a keyword

filtering entry for

command word

filtering.

command-filtering

keyword-entry

keyword-entry-name

Optional.

By default, no keyword filtering entry is

specified for command word filtering.

5. Specify a filename

filtering entry for

upload filename

filtering.

upload-filename-filtering

filename-entry

filename-entry-name

Optional.

By default, no filename filtering entry is

specified for upload filename filtering.

6. Specify a filename

filtering entry for

download filename

filtering.

download-filename-filtering

filename-entry

filename-entry-name

Optional.

By default, no filename filtering entry is

specified for download filename filtering.

7. Enable FTP filtering

logging.

logging enable

Optional.

By default, FTP filtering logging is disabled.

FTP filtering logging takes effect only when

interzone policy rule logging is enabled.

NOTE:

• FTP filtering policies created in system view belong to the default VD.

• FTP filtering policies created in VD view belong to the corresponding VD.

215BConfiguring a Telnet filtering policy

You can specify multiple filtering entries for filtering Telnet packets in a Telnet filtering policy. Packets that

match any filtering entry are dropped.

A Telnet filtering policy can contain different types of filtering entries and each type can contain multiple

filtering entries.

To configure a Telnet filtering policy: