华为防火墙:
命令格式
system ip address-set 10.0.0.0/8 type object address 0 10.0.0.0 mask 8 q ip address-set 12.2.7.0/24 type object address 0 12.2.7.0 mask 24 q ip service-set TCP-8443 type object service 0 protocol tcp source-port 0 to 65535 destination-port 8443 q ip service-set TCP-9443 type object service 0 protocol tcp source-port 0 to 65535 destination-port 9443 q security-policy rule name 10168 action permit source-zone inside destination-zone untrust source-address address-set 10.0.0.0/8 destination-address address-set 12.2.7.0/24 service TCP-8443 service TCP-9443 q return save y y
删除命令 undo
地址组中删除地址对象
ip address-set qiyenianjin_server_group type group address 0 address-set 10.1.66.0/24 address 1 address-set 10.1.36.0/26 --想要删除这一行 address 2 address-set ip_10.1.42.172/32 address 3 address-set ip_10.1.42.173/32
ip address-set qiyenianjin_server_group type group
undo address 1 --第一种写法,取num值
undo address address-set 10.1.36.0/26 --第二种写法
策略中删除地址引用
删除源地址
rule name mgt2local_ssh
undo source-address address-set 10.1.36.0/26
删除目的地址
rule name 55
undo destination-address address-set 10.1.36.0/26
山石防火墙:
命令格式
configure address "12.2.0.0/19" ip 12.2.0.0/19 exit address "12.2.7.0/24" ip 12.2.7.0/24 exit rule id 10028 before 3720 src-zone "bg-client" dst-zone "shengchan" src-addr "12.2.0.0/19" dst-addr "12.2.7.0/24" service "TCP-8443" service "TCP-9443" action permit exit save yy
删除命令 no
rule id 20001 no dst-addr "10.197.5.0/24" --删除源地址 exit address Deny-CS1-G no member "10.197.9.0/24" --地址组中删除地址对象 exit
rule id 20002
no src-addr "10.197.5.0/24" --删除目的地址
exit