beautypg.com

H3C Technologies H3C SecBlade IPS Cards User Manual

Page 197

background image

18-18

1) A policy that has been applied to a segment cannot be deleted. If you delete a policy on the

bandwidth management policy displaying page, you just delete the policy application.

2) The system-defined bandwidth management policy and rule cannot be deleted.

3) On a segment, one packet can match only one bandwidth management policy. If multiple

bandwidth management policies are applied to a segment, the system matches packets against

segment policies in the descending order of precision of IP address ranges specified in the policies;

for segment polices with the same IP address range precision, the policy configured first is

preferentially matched.

4) In the rule list of the bandwidth management policy, if the service referenced by a rule does not

exist, the service name of the rule is displayed as “! Unknown”.

5) To import a user-defined protocol file to the device successfully, you must write the user-defined

protocol file in a certain format, as shown in the following example:

Protocol_begin

Protocol_name=protocol

Protocol_description=the description of the protocol

Protocol_type=TCP

Protocol_status=enable

Protocol_port=457-666,45

Protocol_string=test protocol string

Protocol_regex=test protocol regex

Protocol_end

Table 18-8 Description on the parameters in a user-defined protocol file

Parameter

Description

Required/optional

Protocol_begin

Start line of the user-defined protocol.

Each user-defined protocol must begin with Protocol_begin.

Required

Protocol_name

Name of the user-defined protocol.

The parameter is a string of 1 to 255 characters, excluding the
space before or after the string.

Required

Protocol_description

Description of the user-defined protocol.

The parameter is a string of 1 to 255 characters, excluding the
space before or after the string.

Optional

Protocol_type

Type of the user-defined protocol.

This parameter can be TCP or UDP.

Required

Protocol_status

Status of the user-defined protocol.

This parameter can be enable or disable.

Required

Protocol_port

Port range of the user-defined protocol.

A port number ranges from 0 to 65535; use a hyphen (-) to
specify a port number range; you can specify up to eight port
ranges, which are separated by commas (,). For example,
“0,2,5,10,1021-30,8080,9000-9005,9010”.

Protocol_string

Signature string of the user-defined protocol.

The parameter is a string of 8 to 255 characters, excluding the
space before or after the string.

Use either approach

See also other documents in the category H3C Technologies Safety: