Syntax

ip access-list NAME (permitdeny) A.B.C.D/M

ip as-path access-list NAME (permitdeny) ASN_FILTER delete ip as-path access-list NAME (permitdeny) ASN_FILTER

ip community-list NAME (permitdeny) ((AA:NN)internetlocal-asno-advertiseno-export)

delete ip community-list NAME (permitdeny) ((AA:NN)internetlocal-asno-advertiseno-export)

ip prefix-list NAME (permitdeny) A.B.C.D/M [ge GE-VALUE] [le LE-VALUE] ip route A.B.C.D/M A.B.C.DINTERFACE [DISTANCE]

ipv6 route X:X::X:X/M (X:X::X:X[%INTERFACE])INTERFACE [DISTANCE] display ip route

Valid entries:

 

access-list

Access list

as-path

AS Path access list

community-list

Community list

prefix-list

Prefix list

route

Add an IPv4 static route

Example

NGFW{running}ip access-list myaccesslist permit 0.0.0.0/0 NGFW{running}ip as-path access-list myasnaccesslist permit ^64496$ NGFW{running}delete ip as-path access-list myasnaccesslist permit ^64496$ NGFW{running}ip community-list mycommunitylist permit 64496:100 NGFW{running}ip community-list mycommunitylist permit internet NGFW{running}delete ip community-list mycommunitylist permit 64496:100 NGFW{running}ip prefix-list myprefixlist permit 192.168.0.0/16 ge 24 le 24 NGFW{running}ip route 192.168.1.0/24 192.0.2.1 1

NGFW{running}ip route 192.168.1.0/24 ethernet5 1

NGFW{running}display ip route

#IPV4 ROUTES

ip route 192.168.1.0/24 192.0.2.1 1 ip route 192.168.1.0/24 ethernet5

ips

Enters IPS profile context mode.

Syntax

ips

Example

NGFW{running}ips

Entering Immediate Commit Feature. Changes take effect immediately. NGFW{running-ips}help

Valid commands are:

#Enter context display-categoryrules

#Other commands

afc-mode AFCMODE afc-severity SEVERITY connection-table TIMEOUTTYPE SECONDS delete profile XPROFILENAME deployment-choices

display

gzip-decompression enabledisable help [fullCOMMAND]

72 Edit Running Configuration Commands

Page 80
Image 80
HP TippingPoint Next Generation Firewall manual Ips, Enters IPS profile context mode Syntax, # IPV4 Routes