The default packet-filter intrazone enable command enables the default security policy to control intrazone traffic.
The undo default packet-filter intrazone enable command disables the default security policy from controlling intrazone traffic.
By default, intrazone traffic is not controlled by the default security policy.
If the default packet-filter intrazone enable command is not configured, the default security policy controls interzone traffic but not intrazone traffic, and the default forwarding action is permit. To control intrazone traffic forwarding, you can configure specific security policies. If you want to use the default security policy to control intrazone traffic, run the default packet-filter intrazone enable command. After the default packet-filter intrazone enable command is run, if intrazone traffic does not match the intrazone security policy, the traffic will match the default security policy. The configuration of the default security policy takes effect on intrazone traffic, including the action of the default security policy and the log function.