Acl Application Examples; Acl Application To An Ethernet Interface - H3C S5120-EI Series Operation Manual
Hide thumbs
Also See for S5120-EI Series:
- Operation manual (1191 pages) ,
- Command reference manual (242 pages) ,
- Configuration manual (206 pages)
Table of Contents
Advertisement
To do...
Set the interval for IPv6 packet
filtering statistics
If you execute the display acl command to display the information about the ACLs, the device outputs
packet filtering statistics except those that have been displayed by the command during that interval.
ACL Application Examples
ACL Application to an Ethernet Interface
Network requirements
As shown in
Figure
Device A so that the interface denies IPv4 packets sourced from Host A from 8:00 to 18:00 everyday.
Configure the device to output log information about how many packets are filtered by this ACL to the
console at an interval of 10 minutes.
Figure 4-1 Network diagram for applying an ACL to an interface for filtering
Configuration procedure
# Create a time range named study, setting it to become active from 08:00 to 18:00 everyday.
<DeviceA> system-view
[DeviceA] time-range study 8:00 to 18:00 daily
# Create basic IPv4 ACL 2009.
[DeviceA] acl number 2009
# Create a basic IPv4 ACL rule to deny packets sourced from 192.168.1.2/32 during time range study.
[DeviceA-acl-basic-2009] rule deny source 192.168.1.2 0 time-range study
[DeviceA-acl-basic-2009] quit
# Apply ACL 2009 to the inbound direction of interface GigabitEthernet 1/0/1.
Use the command...
acl ipv6 logging frequence
frequence
4-1, apply an ACL to the inbound direction of interface GigabitEthernet 1/0/1 on
4-3
Remarks
0 by default, which means no
packet filtering statistics is
collected.
Advertisement
Chapters
Table of Contents
Troubleshooting
