This section describes how to configure a whitelist on the CLI.
firewall whitelist item source-ip { source-IPv4-address | source-IPv6-address } [ source-port source-port ] [ protocol { tcp | udp | icmp | protocol-num } ]
Packets from a whitelisted source IP address are directly forwarded, and the blacklist checks, content filtering, and anti-DDoS checks cease to be effective. When you whitelist a source IP address, you can also specify a protocol type or source port number for this source IP address. This configuration allows the device to forward only the packets of the specified protocol type or source port from this source IP address.
firewall whitelist item destination-ip { destination-IPv4-address | destination-IPv6-address } [ destination-port destination-port ] [ protocol { tcp | udp | icmp | protocol-num } ]
Packets destined for a whitelisted destination IP address are directly forwarded, and the blacklist checks, content filtering, and anti-DDoS checks cease to be effective. When you whitelist a destination IP address, you can also specify a protocol type or destination port number for this destination IP address. This configuration allows the device to forward the packets of the specified protocol type or destination port number only destined for this destination IP address.