N in, Figure 70 – H3C Technologies H3C SecPath F1000-E User Manual
Page 80
70
Table 23 Operations you can perform on the list
Field Operation
Referenced ACLs
Click an ACL to enter the ACL configuration page, where you can view, create, and
delete rules in the ACL. For information about ACL configuration, see "ACL
configuration."
Status
•
shows that the interzone policy group is enabled. You can click Disable to
disable the interzone policy group.
•
shows that the interzone policy group is disabled. You can click Enable to
enable the interzone policy group.
Figure 70 Interzone policy group configuration page
Table 24 Configuration items
Item Description
Source Zone
Specify the source zone for the interzone policy group.
Dest Zone
Specify the destination zone for the interzone policy group.
Selected ACLs
Select the ACLs to be referenced by the interzone policy group.
The selected ACLs are listed in the order they are selected, which is also the match order.
An ACL listed earlier has a higher priority, and is matched earlier.
IMPORTANT:
For any ACL referenced by an interzone policy group, only the five tuples (source IP
address, destination IP address, source port, destination port, and protocol type) are used.
Enable
Select this box to enable interzone policy group settings.
Displaying packet statistics of an interzone policy
Select Firewall > Security Policy > Policy Matching Statistics from the navigation tree to enter the page as
shown in
. Select the source and target zone, and then click Search. The page displays the
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS