Login
- Table of Contents
-
- 03-Security Command Reference
- 00-Preface
- 01-Security zone commands
- 02-Security policy commands
- 03-Object group commands
- 04-Object policy commands
- 05-AAA commands
- 06-IPoE commands
- 07-Portal commands
- 08-User identification commands
- 09-Password control commands
- 10-Public key management commands
- 11-PKI commands
- 12-SSH commands
- 13-SSL commands
- 14-ASPF commands
- 15-APR commands
- 16-Session management commands
- 17-Connection limit commands
- 18-Attack detection and prevention commands
- 19-DDoS protection commands
- 20-uRPF commands
- 21-ARP attack protection commands
- 22-ND attack defense commands
- 23-IP-MAC binding commands
- 24-Keychain commands
- 25-Crypto engine commands
- 26-SMS commands
- 27-Terminal identification commands
- 28-Flow manager commands
- 29-Trusted access control commands
- 30-Location identification commands
- 31-Server connection detection commands
- 32-MAC authentication commands
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 30-Location identification commands | 87.79 KB |
Location identification commands
add geo-location
Use add geo-location to add a location to a location group.
Use undo add geo-location to remove a location from a location group.
Syntax
add geo-location geo-location-name
undo add geo-location [ geo-location-name ]
Default
A location group does not contain any locations.
Views
Location group view
Predefined user roles
network-admin
context-admin
Parameters
geo-location-name: Specifies a location by its name, a case-insensitive string of 1 to 63 characters. The location name cannot contain hyphens (-). If you do not specify this argument when executing the undo add geo-location command, the command removes all locations from the location group.
Examples
# Add location beijing to location group region1.
<Sysname> system-view
[Sysname] geo-location-group region1
[Sysname-geo-location-group-region1] add geo-location beijing
add geo-location-group
Use add geo-location-group to add a location group to a location group.
Use undo add geo-location-group to remove a location group from a location group.
Syntax
add geo-location-group geo-location-group-name
undo add geo-location-group [ geo-location-group-name ]
Default
A location group does not contain any location groups.
Views
Location group view
Predefined user roles
network-admin
context-admin
Parameters
geo-location-group-name: Specifies a location group by its name, a case-insensitive string of 1 to 63 characters. The location group name cannot contain hyphens (-). If you do not specify this argument when executing the undo add geo-location-group command, the command removes all location groups from the location group.
Usage guidelines
Two location groups cannot contain each other at the same time.
The system supports a maximum of three location group hierarchy layers. For example, if groups 1 and 2 are members of groups 2 and 3, respectively, group 3 cannot have members and group 1 cannot be members of another group.
Examples
# Add location group region2 to location group region1.
<Sysname> system-view
[Sysname] geo-location-group region1
[Sysname-geo-location-group-region1] add geo-location-group region2
coordinate
Use coordinate to specify the longitude and latitude of a location.
Use undo coordinate to restore the default.
Syntax
coordinate longitude longitude-value latitude latitude-value
undo coordinate
Default
The longitude and latitude are not specified.
Views
User-defined location view
Predefined user roles
network-admin
context-admin
Parameters
longitude longitude-value: Specifies the longitude in the range of –180 to 180 degrees. Values east of Prime Meridian are positive and values west of Prime Meridian are negative.
latitude latitude-value: Specifies the latitude in the range of –90 to 90 degrees. Values north of the Equator are positive, and values south of the Equator are negative.
Usage guidelines
The longitude and latitude can be specified only for a user-defined location. The longitude and latitude of a predefined location are fixed and cannot be modified.
Examples
# Specify the longitude and latitude as 116 and 39 for location haidian.
<Sysname> system-view
[Sysname] geo-location user-defined haidian
[Sysname-user-defined-location-haidian] coordinate longitude 116 latitude 39
Related commands
display geo-location
description (location group view)
Use description to configure a description for a location group.
Use undo description to restore the default.
Syntax
description text
undo description
Default
A location group does not have a description.
Views
Location group view
Predefined user roles
network-admin
context-admin
Parameters
text: Specifies a description, a case-sensitive string of 1 to 127 characters.
Examples
# Configure the description as definedLocation for location group reg1.
<Sysname> system-view
[Sysname] geo-location-group reg1
[Sysname-geo-location-group-reg1] description definedLocation
Related commands
display geo-location-group
description (location view)
Use description to configure a description for a location.
Use undo description to restore the default.
Syntax
description text
undo description
Default
A location does not have a description.
Views
Location view
Predefined user roles
network-admin
context-admin
Parameters
text: Specifies a description, a case-sensitive string of 1 to 127 characters.
Examples
# Configure the description as definedLocation for user-defined location haidian.
<Sysname> system-view
[Sysname] geo-location user-defined haidian
[Sysname-user-defined-location-haidian] description definedLocation
# Configure the description as preDefinedLocation for predefined location beijing.
<Sysname> system-view
[Sysname] geo-location pre-defined beijing
[Sysname-pre-defined-location-beijing] description preDefinedLocation
# Configure the description as unknownLocation for the unknown location.
<Sysname> system-view
[Sysname] geo-location unknown
[Sysname-unknown-location] description unknownLocation
Related commands
display geo-location
display geo-location
Use display geo-location to display information about locations.
Syntax
display geo-location { all | type { pre-defined | unknown | user-defined } | name geo-location-name }
Views
Any view
Predefined user roles
network-admin
network-operator
context-admin
context-operator
Parameters
all: Specifies all locations.
type: Specifies a location type.
pre-defined: Specifies predefined locations.
unknown: Specifies the unknown location.
user-defined: Specifies user-defined locations.
name geo-location-name: Specifies a location by its name, a case-insensitive string of 1 to 63 characters.
Examples
# Display information about all locations.
<Sysname> display geo-location all
Geo location name: beijing
Type: Pre-defined
Description:
Coordinate <Longitude, Latitude>: <45.00, 50.00>
IP addresses: 5
Geo location name: unknown
Type: Unknown
Description:
IP addresses: 1
Geo location name: city1
Type: User-defined
Description:
Coordinate <Longitude, Latitude>: <45.00, 50.00>
IP addresses: 1
# Display information about all predefined locations.
<Sysname> display geo-location type pre-defined
Geo location name: beijing
Type: Pre-defined
Description:
Coordinate <Longitude, Latitude>: <45.00, 50.00>
User-defined IP addresses: 5
1.2.3.0/32
1.2.3.4/32
3.3.3.6/32
192.168.6.131/32
192.168.195.0/24
# Display information about all location beijing.
<Sysname> display geo-location name beijing
Geo location name: beijing
Type: Pre-defined
Description:
Coordinate <Longitude, Latitude>: <45.00, 50.00>
User-defined IP addresses: 5
1.2.3.0/32
1.2.3.4/32
3.3.3.6/32
192.168.6.131/32
192.168.195.0/24
Pre-defined IP addresses: 1
14.0.0.1/24
display geo-location ip
Use display geo-location ip to display the location to which an IPv4 address belongs.
Syntax
display geo-location ip ip-address
Views
Any view
Predefined user roles
network-admin
network-operator
context-admin
context-operator
Parameters
ip-address: Specifies an IPv4 address in dotted decimal notation.
Examples
# Display the location to which IP address 1.2.2.1 belongs.
<Sysname> display geo-location ip 1.2.2.1
IP address Location
1.2.2.1 beijing
display geo-location-group
Use display geo-location-group to display information about location groups.
Syntax
display geo-location-group [ name geo-location-group-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
context-admin
context-operator
Parameters
name geo-location-group-name: Specifies a location group by its name, a case-insensitive string of 1 to 63 characters. The location group name cannot contain hyphens (-). If you do not specify a location group, this command displays information about all location groups.
Examples
# Display information about all location groups.
<Sysname> display geo-location-group
Geo location group name: reg1
Description:
Geo location members:
beijing
shanghai
Geo location group members:
reg2
Geo location group name: reg2
Description:
Geo location members:
tianjin
# Display information about location group reg1.
<Sysname> display geo-location-group name reg1
Geo location group name: reg1
Description:
Geo location members:
beijing
shanghai
Geo location group members:
reg2
geo-load
Use geo-load to load a location signature file.
Syntax
geo-load file-name
Views
System view
Predefined user roles
network-admin
context-admin
Parameters
file-name: Specifies a location signature file by its name, a case-sensitive string of 1 to 255 characters
Usage guidelines
A location signature file is loaded by default. To update the location signature library, copy the latest signature file to the local root directory and load it.
Examples
# Load location signature file location.tar.gz.
<Sysname> system-view
[Sysname] geo-load location.tar.gz
geo-location
Use geo-location to enter the view of the unknown location or a predefined location, create a user-defined location and enter its view, or enter the view of an existing user-defined location.
Use undo geo-location to delete a user-defined location.
Syntax
geo-location { unknown | { pre-defined | user-defined } geo-location-name }
undo geo-location user-defined geo-location-name
Views
System view
Predefined user roles
network-admin
context-admin
Parameters
unknown: Specifies the unknown location.
pre-defined: Specifies a predefined location.
user-defined: Specifies a user-defined location.
geo-location-name: Specifies a location by its name, a case-insensitive string of 1 to 63 characters. The location name cannot contain hyphens (-).
Usage guidelines
Locations include predefined locations, user-defined locations, and an unknown location. The name of a user-defined location cannot be the same as that of a predefined location.
Examples
# Enter the view of predefined location beijing.
<Sysname> system-view
[Sysname] geo-location pre-defined beijing
[Sysname-pre-defined-location-beijing]
# Create user-defined location haidian and enter its view.
<Sysname> system-view
[Sysname] geo-location user-defined haidian
[Sysname-user-defined-location-haidian]
# Enter the view of the unknown location.
<Sysname> system-view
[Sysname] geo-location unknown
[Sysname-unknown-location]
Related commands
display geo-location
geo-location-group
Use geo-location-group to create a location group and enter its view, or enter the view of an existing location group.
Use undo geo-location-group to delete a location group.
Syntax
geo-location-group geo-location-group-name
undo geo-location-group geo-location-group-name
Default
No location groups exist.
Views
System view
Predefined user roles
network-admin
context-admin
Parameters
geo-location-group-name: Specifies a location group by its name, a case-insensitive string of 1 to 63 characters. The location group name cannot contain hyphens (-).
Usage guidelines
A location group can contain locations and location groups as members.
Examples
# Create location group reg1 and enter its view.
<Sysname> system-view
[Sysname] geo-location-group reg1
[Sysname-geo-location-group-reg1]
Related commands
display geo-location-group
ip address
Use ip address to add IPv4 addresses to a location.
Use undo ip address to remove IPv4 addresses from a location.
Syntax
ip address { ip-address { mask-length | mask } | range ip-address1 ip-address2 }
undo ip address { ip-address { mask-length | mask } | range ip-address1 ip-address2 }
Default
Only predefined locations and the unknown location contain IPv4 addresses.
Views
Location view
Predefined user roles
network-admin
context-admin
Parameters
ip-address { mask-length | mask }: Specifies an IPv4 network segment. The mask-length argument specifies the mask length in the range of 1 to 32. The mask argument specifies the mask in dotted decimal notation.
range ip-address1 ip-address2: Specifies an IPv4 address range. The ip-address1 argument specifies the start address, and the ip-address2 argument specifies the end address.
Usage guidelines
The IPv4 addresses in different locations cannot be overlapping.
When manually added IPv4 addresses overlap with predefined IPv4 addresses, the predefined IPv4 addresses do not take effect.
The undo ip address command can only remove manually added IPv4 addresses.
Examples
# Add network segment 20.20.20.0/24 to user-defined location beijing.
<Sysname> system-view
[Sysname] geo-location pre-defined beijing
[Sysname-pre-defined-location-beijing] ip address 20.20.20.0 24
# Add network segment 20.20.20.0/255.255.255.0 to user-defined location beijing.
<Sysname> system-view
[Sysname] geo-location pre-defined beijing
[Sysname-pre-defined-location-beijing] ip address 20.20.20.0 255.255.255.0
# Add the address range with start address 20.20.20.255 and end address 20.20.20.0 to user-defined location beijing.
<Sysname> system-view
[Sysname] geo-location pre-defined beijing
[Sysname-pre-defined-location-beijing] ip address range 20.20.20.255 20.20.20.0
Related commands
display geo-location ip
