[x]

DAR configuration examples > FTP transfer prohibition configuration example

 

 Next

FTP transfer prohibition configuration example

Network requirements

As shown in Figure 34, configure the router to prohibit PCs from uploading files to or downloading files from the FTP server.

Figure 34: Network diagram

Configuration procedure

# Configure the classifier ftpclass for matching FTP packets.

<Router> system-view
[Router] traffic classifier ftpclass
[Router-classifier-ftpclass] if-match protocol ftp
[Router-classifier-ftpclass] quit

# Configure a packet filtering behavior.

[Router] traffic behavior deny
[Router-behavior-deny] filter deny
[Router-behavior-deny] quit

# Configure a QoS policy to match and filter FTP packets.

[Router] qos policy ftppolicy
[Router-qospolicy-ftppolicy] classifier ftpclass behavior deny
[Router-qospolicy-ftppolicy] quit

# Enable DAR for traffic recognition, and apply the QoS policy to the incoming traffic of Ethernet 1/1.

[Router] interface ethernet 1/1
[Router-Ethernet1/1] dar enable
[Router-Ethernet1/1] qos apply policy ftppolicy inbound

Run FTP client software on a PC. You can see the PC cannot use FTP for uploading or downloading files.

prev

 

up

 next

DAR configuration examples 

home

 HTTP URL-based DAR configuration example

© Copyright 2016 Hewlett Packard Enterprise Development LP