F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Network Management Command Reference-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

311

312

313

314

315

316

317

318

319

320

Table Of Contents

286

process-id: Specifies the process ID of the specified routing protocol, in the range of 1 to 65535. You

need to specify a process ID when the routing protocol is rip, isis, or ospf.

interface-type interface-number: Specifies an interface by its type and number.

Usage guidelines

If a protocol is specified, RIP filters only the routes redistributed from the specified routing protocol.

Otherwise, RIP filters all outbound routes.

If an interface is, RIP filters only the routes advertised by the specified interface. Otherwise, RIP filters

routes advertised by all RIP interfaces.

To reference an advanced ACL (with a number from 3000 to 3999) in the command, configure the ACL

in one of the following ways:

• To deny/permit a route with the specified destination, use the rule [ rule-id ] { deny | permit } ip

source sour-addr sour-wildcard command

• To deny/permit a route with the specified destination and mask, use the rule [ rule-id ] { deny |

permit } ip source sour-addr sour-wildcard destination dest-addr dest-wildcard command.

The source keyword specifies the destination address of a route and the destination keyword specifies the

subnet mask of the route. The specified subnet mask must be contiguous. Otherwise, the configuration

does not take effect.

Examples

# Use ACL 2000 to filter outbound routes.

<Sysname> system-view

[Sysname] acl number 2000

[Sysname-acl-basic-2000] rule deny source 192.168.10.0 0.0.0.255

[Sysname-acl-basic-2000] quit

[Sysname] rip 1

[Sysname-rip-1] filter-policy 2000 export

# Use IP prefix list abc to filter outbound routes on GigabitEthernet 0/1.

[Sysname-rip-1] filter-policy ip-prefix abc export gigabitethernet 0/1

# Configure ACL 3000 to permit only route 113.0.0.0/16 to pass. Use ACL 3000 to filter outbound

routes.

<Sysname> system-view

[Sysname] acl number 3000

[Sysname-acl-adv-3000] rule 10 permit ip source 113.0.0.0 0 destination 255.255.0.0 0

[Sysname-acl-adv-3000] rule 100 deny ip

[Sysname-acl-adv-3000] quit

[Sysname] rip 1

[Sysname-rip 1] filter-policy 3000 export

Related commands

• acl (ACL and QoS Command Reference)

• import-route

• ip ip-prefix

filter-policy import (RIP view)

Use filter-policy import to configure RIP to filter the inbound routes.