Configuring Traffic Filtering; Configuration Procedure - H3C S5120-EI series Configuration Manual

Configuring traffic filtering

Traffic filtering filters traffic matching certain criteria. For example, you can filter packets sourced from a
specific IP address according to network status.

Configuration procedure

To configure traffic filtering:
Step
1. Enter system view.
2. Create a class and enter
class view.
3. Configure match criteria.
4. Return to system view.
5. Create a behavior and
enter behavior view.
6. Configure the traffic
filtering action.
7. Return to system view.
Create a policy and enter
8.
policy view.
9. Associate the class with the
traffic behavior in the QoS
policy.
10. Return to system view.
11. Apply the QoS policy.
12. Display the traffic filtering
configuration.
NOTE:
With filter deny configured for a traffic behavior, the other actions (except class-based accounting and
traffic mirroring) in the traffic behavior do not take effect.
Command
system-view
traffic classifier tcl-name [ operator { and
| or } ]
if-match match-criteria
quit
traffic behavior behavior-name
filter { deny | permit }
quit
qos policy policy-name
classifier tcl-name behavior
behavior-name
quit
•
Applying the QoS policy to an
interface
•
Applying the QoS policy to online
users
•
Applying the QoS policy to a VLAN
•
Applying the QoS policy globally
•
Applying the QoS policy to the control
plane
display traffic behavior user-defined
[ behavior-name ] [ | { begin | exclude |
include } regular-expression ]
54
Remarks
N/A
N/A
N/A
N/A
N/A
•
deny—Drops packets.
•
permit—Permits packets to
pass through.
N/A
N/A
N/A
N/A
Choose one application
destination as needed.
Optional.
Available in any view