Manualshelf

H3C S7500 Series Ethernet Switches Operation Manual

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
681682683684685686687688689690
Operation Manual – ACL
H3C S7500 Series Ethernet Switches Chapter 1
ACL Configuration
1-24
II. Network diagram
Eth2/0/1
R&D
Department
Switch
To the router
Wage query server
Eth2/0/2
192.168.1.2
n
Figure 1-2 Network diagram for advanced ACL configuratio
III. Configuration procedure
Note:
Only the commands related to the ACL configuration are listed below.
1) Define the time range
# Define a periodic time range that takes effect from 8:00 to 18:00 every working day.
<H3C> system-view
[H3C] time-range test 8:00 to 18:00 working-day
2) Define an ACL for filtering requests destined for the wage server.
# Create ACL 3000 and enter ACL 3000 view.
[H3C] acl number 3000
# Define an ACL rule for requests destined for the wage server.
[H3C-acl-adv-3000] rule 1 deny ip destination 192.168.1.2 0 time-range test
[H3C-acl-adv-3000] quit
3) Apply the ACL on a port.
# Apply ACL 3000 on Ethernet 2/0/1.
[H3C] interface Ethernet2/0/1
[H3C-Ethernet2/0/1] qos
[H3C-qoss-Ethernet2/0/1] packet-filter inbound ip-group 3000