R2511-HP MSR Router Series OAA Configuration Guide(V5)
10
Task Command Remarks
Display ACFP rule
configuration information.
display acfp rule-info { in-interface [ interface-type
interface-number ] | out-interface [ interface-type
interface-number ] | policy [ client-id policy-index ] } [ |
{ begin | exclude | include } regular-expression ]
Available in any
view.
Display ACFP rule cache
configuration information.
display acfp rule-cache [ in-interface interface-type
interface-number | out-interface interface-type
interface-number ] * [ | { begin | exclude | include }
regular-expression ]
Available in any
view.
Display the configuration
information of ACFP Trap.
display snmp-agent trap-list [ | { begin | exclude |
include } regular-expression ]
Available in any
view.
Clear ACFP rule cache.
reset acfp rule-cache [ in-interface interface-type
interface-number | out-interface interface-type
interface-number ] *
Available in user
view.
ACFP configuration example
Network requirements
As shown in Figure 2, different departments are interconnected on the intranet through Device, which
serves as the ACFP server. An ACFP client is inserted in Device.
Configure the ACFP client to analyze traffic arriving at interface Ethernet 1/2, and control the traffic as
follows:
• Permit all packets whose source IP address is 192.168.1.1/24.
• Deny all packets whose source IP address is 192.168.1.2/24.
Figure 2 Network diagram
Configuration procedure
1. Configure Device:
# Enable the ACFP server and ACSEI server.
<Device> system-view
[Device] acfp server enable
[Device] acsei server enable
Eth1/3
Eth1/2 Eth1/1
Device
ACFP client
ACFP server
Host A
192.168.1.1/24
Host B
192.168.1.2/24
Host C
192.168.2.1/24
Host D
192.168.2.2/24