Operation Manual – NAT, Netstream, Policy RoutingH3C S7500 Series Ethernet Switches Chapter 1 NAT Configuration1-11To do… Use the command… RemarksEnter system view system-view —Enter VLAN interface view interface Vlan-interface vlan-id —Configure a non-standardinternal FTP servernat ftp server global global-addrglobal-port inside host-addr host-portslot slot-numberRequired1.3.6 Configuring NAT BlacklistBy enabling the NAT blacklist feature and configuring NAT blacklist attributes such asthe control threshold for the number of NAT connections and the control threshold forconnection setup rate, you can enable the switch to control the number of NATconnections and the connection setup rate.Follow these steps to configure NAT blacklist attributes:To do… Use the command… RemarksEnter system view system-view —Enable NAT blacklist for aspecified LPUnat blacklist start slotslot-numberRequiredBy default, thisfeature is disabled.Set the control mode of NATblacklistnat blacklist mode { all |amount | rate } RequiredSet the global control thresholdfor the number of NATconnections per user, or aspecific control threshold for thenumber of NAT connections of aspecified usernat blacklist limitamount [ source user-ip ]amount-valueOptionalSet the global or specific controlthresholds for connection setupratenat blacklist limit rate[ source ip ] cir cir-value[ cbs cbs-value ebsebs-value ]OptionalSpecify the IP address of a user,so as to adopt the specificconnection setup rate controlthresholds to the user.nat blacklist limit ratesource user-ip Optional