R3303-HP HSR6800 Routers ACL and QoS Configuration Guide
91
Traffic filtering configuration example
Network requirements
As shown in Figure 31, configure traffic filtering to filter the packets with source port not being 21, and
received on GigabitEthernet 1/0/1.
Figure 31 Network diagram
Configuration procedure
# Create advanced ACL 3000, and configure a rule to match packets whose source port number is not
21.
<Router> system-view
[Router] acl number 3000
[Router-acl-adv-3000] rule 0 permit tcp source-port neq 21
[Router-acl-adv-3000] quit
# Create a class named classifier_1, and use ACL 3000 as the match criterion in the class.
[Router] traffic classifier classifier_1
[Router-classifier-classifier_1] if-match acl 3000
[Router-classifier-classifier_1] quit
# Create a behavior named behavior_1, and configure the traffic filtering action to drop packets.
[Router] traffic behavior behavior_1
[Router-behavior-behavior_1] filter deny
[Router-behavior-behavior_1] quit
# Create a policy named policy, and associate class classifier_1 with behavior behavior_1 in the policy.
[Router] qos policy policy
[Router-qospolicy-policy] classifier classifier_1 behavior behavior_1
[Router-qospolicy-policy] quit
# Apply the policy named policy to the incoming traffic of GigabitEthernet 1/0/1.
[Router] interface gigabitethernet 1/0/1
[Router-GigabitEthernet1/0/1] qos apply policy policy inbound