R3166-R3206-HP High-End Firewalls Access Control Command Reference-6PW101
32
There are 2 policies:
Connection-limit policy 0, refcount 1, 2 limits
limit 0 source any amount dns 100 http 200 tcp 300 other 400 rate 100 shared
limit 1 source 1.1.1.0 24 amount tcp 100 bandwidth 200 shared
Connection-limit policy 1, refcount 0, 1 limit
limit 4500 source 2.2.0.0 16 amount dns 200
# Display information about all connection limit policies.
<Sysname> display connection-limit policy all
There are 1 policies:
Connection-limit policy 0, refcount 0, 1 limit
limit 0 source ip 3.3.3.0 24 source-vpn vpn1 destination ip any protocol tcp
max-connections 200 per-source
Table 11 Output description
Field Descri
p
tion
Connection-limit policy Number of the connection limit policy.
refcount 1, 2 limits Number of times that the policy is applied and number of rules in the policy.
limit xxx Rule in the policy. For more information, see the limit command.
limit
Syntax
limit limit-id { source ip { ip-address mask-length | any } [ source-vpn src-vpn-name ] | destination ip
{ ip-address mask-length | any } [ destination-vpn dst-vpn-name ] } * protocol { dns | http | ip | tcp |
udp } max-connections max-num [ per-destination | per-source | per-source-destination ]
undo limit limit-id
View
Connection limit policy view
Default level
2: System level
Parameters
limit-id: ID of a rule in the connection limit policy, in the range of 0 to 255.
source ip: Specifies the source IP address of the connections to be limited.
ip-address mask-length: IP address and its mask length. The mask-length argument is in the range of 1 to
32.
any: Specifies all IP addresses on the specified network or the public network. For example, source ip any
specifies all hosts on the source network.
source-vpn src-vpn-name: Specifies a source VPN by its instance name a case sensitive string of 1 to 31
characters. Absence of the keyword and argument combination indicates the public network.
destination ip: Specifies the destination IP address of the connections to be limited.