Manualshelf

HP VPN Firewall Appliances Network Management Command Reference

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1101110211031104110511061107110811091110
1083
deny: Specifies the deny mode. If a route matches the item, the route is denied without matching against
the next item; if not, the route matches against the next item (suppose the IPv4 prefix list has multiple
items).
permit: Specifies the permit mode. If a route matches the item, it passes the IPv4 prefix list. If not, it
matches against the next item (suppose the IPv4 prefix list has multiple items).
ip-address mask-length: Specifies an IPv4 prefix and mask length. The mask-length is in the range of 0 to
32.
min-mask-length, max-mask-length: Specifies the prefix range. greater-equal means "greater than or
equal to" and less-equal means "less than or equal to." The range relation is mask-length <=
min-mask-length <= max-mask-length <= 32. If only the min-mask-length is specified, the prefix length
range is [ min-mask-length, 32 ]. If only the max-mask-length is specified, the prefix length range is
[ mask-length, max-mask-length ]. If both min-mask-length and max-mask-length are specified, the prefix
length range is [ min-mask-length, max-mask-length ].
Usage guidelines
An IPv4 prefix list is used to filter IPv4 addresses. It can contain multiple items, each of which specifies a
range of IPv4 prefixes. The relation between the items is logic OR. If an item is passed, the IPv4 prefix list
is passed. If no item is passed, the IP prefix list cannot be passed.
The IP prefix range is determined by mask-length and [ min-mask-length, max-mask-length ]. If both
mask-length and [ min-mask-length, max-mask-length ] are specified, the IP address must match both of
them.
If both ip-address and mask-length are specified as 0.0.0.0 0, only the default route is matched.
To match all routes, use 0.0.0.0 0 less-equal 32.
Examples
# Configure IP prefix list p1 to permit routes destined for network 10.0.192.0/8 and with mask length 17
or 18.
<Sysname> system-view
[Sysname] ip ip-prefix p1 permit 10.0.192.0 8 greater-equal 17 less-equal 18
reset ip ip-prefix
Use reset ip ip-prefix to clear IPv4 prefix list statistics.
Syntax
reset ip ip-prefix [ ip-prefix-name ]
Views
User view
Default command level
2: System level
Parameters
ip-prefix-name: Specifies an IP prefix list by its name, a string of 1 to 19 characters.
Usage guidelines
If no ip prefix list is specified, this command clears the statistics for all IPv4 prefix lists.