< Home

source-address (SSL-encrypted traffic detection policy rule view)

Function

The source address command configures the source address for an SSL-encrypted traffic detection policy rule.

The undo source address command deletes the source address configured for an SSL-encrypted traffic detection policy rule.

Format

source address { address-set address-set-name &<1–6> | ipv4–address { ipv4–mask-length | mask mask-address | wildcard } [ description description ] | range ipv4–start-address ipv4–end-address [ description description ] | any }

undo source address { address-set address-set-name &<1–6> | ipv4–address { ipv4–mask-length | mask mask-address | wildcard } [ description ] | range ipv4–start-address ipv4–end-address [ description ] | all }

Parameters

Parameter Description Value
address-set address-set-name &<1–6>

Indicates the name of an address or address group.

 The address or address group must exist. Up to six addresses or address groups can be configured or deleted for the SSL-encrypted traffic detection policy rule.
ipv4–address

Indicates an IPv4 address.

 The value is in dotted decimal notation.
<ipv4–mask-length>

Indicates an IPv4 address mask.

 The value is an integer ranging from 1 to 32.
mask mask-address

Indicates an IPv4 address mask.

 The value is in dotted decimal notation. The corresponding binary value supports discontinuous 1s, for example, 255.0.255.0 (11111111 00000000 11111111 00000000). 1s in the binary value indicate bits for matching, and 0s do not need to be concerned. For example, 192.168.1.1/255.0.255.0 indicates an IP address in 192.*.1.* format.
wildcard

Indicates the wildcard of an IPv4 address.

 The value is in dotted decimal notation. The corresponding binary value supports discontinuous 1s, for example, 0.255.0.255 (00000000 11111111 00000000 11111111). 0s in the binary value indicate bits for matching, and 1s do not need to be concerned. For example, 192.168.1.1/0.255.0.255 indicates an IP address in 192.*.1.* format.
description description Specifies the description of an individual IPv4/IPv6 address or address segment. The value is a string of 1 to 128 characters.
range

Indicates the address range.

 -
ipv4–start-address

Indicates the start IPv4 address of the IPv4 address range.

 The value is in dotted decimal notation.
ipv4–end-address

Indicates the end IPv4 address of the IPv4 address range.

 The value is in dotted decimal notation.
any

Indicates any source address.

 -
all

Indicates that all source addresses corresponding to the SSL-encrypted traffic detection policy rule are deleted.

-

Views

SSL-encrypted traffic detection policy rule view

Default Level

2: Configuration level

Usage Guidelines

None

Example

# Configure the source address for policy policy_sec.

<sysname> system-view
[sysname] decryption-policy
[sysname-policy-decryption] rule name policy_sec
[sysname-policy-decryption-rule-policy_sec] source-address 10.1.1.1 24
Parent Topic: SSL-Encrypted Traffic Detection Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >