H3C S7500 Series Ethernet Switches Release 3135 DHCP Configuration Examples
QACL Configuration Examples
H3C S7500 Series Ethernet Switches Release 3135 Chapter 2 QACL Configuration Examples
[H3C-acl-adv-3000] rule 6 deny udp destination-port eq 137
[H3C-acl-adv-3000] rule 7 deny udp destination-port eq 138
[H3C-acl-adv-3000] rule 8 deny udp destination-port eq 139
[H3C-acl-adv-3000] rule 9 deny tcp destination-port eq 139
[H3C-acl-adv-3000] rule 10 deny tcp destination-port eq 445
[H3C-acl-adv-3000] rule 11 deny udp destination-port eq 445
[H3C-acl-adv-3000] rule 12 deny tcp destination-port eq 593
[H3C-acl-adv-3000] rule 13 deny udp destination-port eq 593
[H3C-acl-adv-3000] rule 14 deny tcp destination-port eq 5554
[H3C-acl-adv-3000] rule 15 deny tcp destination-port eq 9995
[H3C-acl-adv-3000] rule 16 deny tcp destination-port eq 9996
[H3C-acl-adv-3000] rule 17 deny udp destination-port eq 1434
[H3C-acl-adv-3000] quit
# Create advanced ACL 3001 to match the HTTP packets sourced from IP address 192.168.2.2.
[H3C] acl number 3001
[H3C-acl-adv-3001] rule 0 permit tcp source 192.168.2.2 0 destination-port eq 80 time-range trname
# Create user-defined ACL 5000 to filter out the ARP packets with the source IP address 192.168.2.100. In the rule defined in ACL 5000, 0806 is the ARP protocol number, 16 is the offset of the protocol type field for internally processed packets, c0a80264 is the hexadecimal form of 192.168.2.100, and 32 is the offset of the source IP address field for internally processed ARP packets.
[H3C] acl number 5000
[H3C-acl-user-5000] rule 0 deny 0806 ffff 16 c0a80264 ffffffff 32 time-range trname
[H3C-acl-user-5000] quit
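The hexadecimal fields of the ACL 5000 rule are easy to mistype, so the following added example (not part of the H3C manual) builds the rule from a dotted address and decodes an existing rule back to the address it matches. It assumes each group in the rule is a match string, a mask and an offset, as laid out in the rule above; the function names are hypothetical.

```python
import ipaddress
import re

# Values from the page; the offsets apply to internally processed packets there.
ARP_TYPE, TYPE_OFFSET, ARP_SRC_IP_OFFSET = "0806", 16, 32

def build_arp_src_rule(rule_id, action, src_ip, time_range=None):
    """Render a user-defined ACL rule matching ARP packets from src_ip."""
    ip_hex = ipaddress.IPv4Address(src_ip).packed.hex()
    parts = [f"rule {rule_id} {action}", ARP_TYPE, "ffff", str(TYPE_OFFSET),
             ip_hex, "ffffffff", str(ARP_SRC_IP_OFFSET)]
    if time_range:
        parts.append(f"time-range {time_range}")
    return " ".join(parts)

def parse_user_rule(line):
    """Split a rule into (string, mask, offset) triplets; reject malformed ones."""
    m = re.match(r"rule (\d+) (permit|deny) (.+)$", line.strip())
    if not m:
        raise ValueError("not a user-defined ACL rule")
    tokens = m.group(3).split()
    if "time-range" in tokens:          # optional trailing time-range name
        tokens = tokens[:tokens.index("time-range")]
    if not tokens or len(tokens) % 3:
        raise ValueError("fields must come as string/mask/offset triplets")
    fields = {}
    for i in range(0, len(tokens), 3):
        string, mask, offset = tokens[i:i + 3]
        if len(string) != len(mask) or len(string) % 2:
            raise ValueError(f"{string!r}/{mask!r}: need equal-length whole bytes")
        bytes.fromhex(string), bytes.fromhex(mask)   # raises ValueError on non-hex
        fields[int(offset)] = (string.lower(), mask.lower())
    return m.group(2), fields

def matched_arp_source(line):
    """Return the single ARP source IP a rule matches, or None if it is not one."""
    _, fields = parse_user_rule(line)
    if fields.get(TYPE_OFFSET) != (ARP_TYPE, "ffff"):
        return None
    string, mask = fields.get(ARP_SRC_IP_OFFSET, ("", ""))
    if mask != "ffffffff":
        return None
    return str(ipaddress.IPv4Address(bytes.fromhex(string)))

# The rule from the page, rebuilt from the dotted address and decoded again.
RULE = build_arp_src_rule(0, "deny", "192.168.2.100", "trname")
```

A rule with a dropped hex digit, such as c0a8264 in place of c0a80264, is rejected by `parse_user_rule` instead of silently matching a different field value.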
# Configure packet filtering in the inbound direction of GigabitEthernet 2/0/10 by referencing ACL 3000.
[H3C] interface GigabitEthernet 2/0/10
[H3C-GigabitEthernet2/0/10] qos
[H3C-qosb-GigabitEthernet2/0/10] packet-filter inbound ip-group 3000
[H3C-qosb-GigabitEthernet2/0/10] quit
[H3C-GigabitEthernet2/0/10] quit
# Configure packet filtering in the inbound direction of GigabitEthernet 2/0/1 by referencing ACL 5000.
[H3C] interface GigabitEthernet 2/0/1
[H3C-GigabitEthernet2/0/1] qos
[H3C-qosb-GigabitEthernet2/0/1] packet-filter inbound user-group 5000
[H3C-qosb-GigabitEthernet2/0/1] quit