Figure 303 – H3C Technologies H3C SecPath F1000-E User Manual
Page 567
542
Figure 303 Creating a policy
Table 72 Configuration items
Item Description
Policy Name
Enter a policy name.
IMPORTANT:
Any spaces entered at the beginning or end of a policy name will be ignored. A policy
name containing only spaces is considered as null.
Node Index
Enter a node index of the policy.
The node with a smaller number has a higher priority and is matched first.
Matching Mode
Select a matching mode for the node.
•
permit—If a packet satisfies all the criteria defined by the if-match clauses, the
packet is permitted and the apply clauses are executed. Otherwise, the packet will
go to the next policy node for a match.
•
deny—When a packet satisfies all the criteria defined by if-match clauses on the
policy node, the packet is rejected and will not go to the next policy node.
Minimum Length
Define an IP packet length match criterion.
IMPORTANT:
To create a packet length match criterion, both the minimum and maximum packet
lengths must be set. Leaving either of the boxes blank will delete the match criterion.
Maximum Length
Matched ACL
Enter an ACL number.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS H3C SecBlade LB Cards H3C SecPath L1000-A Load Balancer