Huawei Quidway S2700 Series Configuration Manual page 188

Quidway S2700 Series Ethernet Switches
Configuration Guide - Security
# Configure the traffic behavior tb1 to reject packets.
[Quidway] traffic behavior tb1
[Quidway-behavior-tb1] deny
[Quidway-behavior-tb1] quit
Step 4 Configure the traffic policy.
# Configure the traffic policy tp1 and associate tc1 and tb1 with the traffic policy.
[Quidway] traffic policy tp1
[Quidway-trafficpolicy-tp1] classifier tc1 behavior tb1
[Quidway-trafficpolicy-tp1] quit
Step 5 Apply the traffic policy.
# Apply the traffic policy tp1 to GE 0/0/1.
[Quidway] interface gigabitethernet 0/0/1
[Quidway-GigabitEthernet0/0/1] traffic-policy tp1 inbound
[Quidway-GigabitEthernet0/0/1] quit
Step 6 Verify the configuration.
# Check the configuration of ACL rules.
<Quidway> display acl 4000
L2 ACL 4000, 1 rule
Acl's step is 5
rule 5 deny destination-mac 0260-e207-0002 source-mac 00e0-f201-0101
# Check the configuration of the traffic classifier.
<Quidway> display traffic classifier user-defined
# Check the configuration of the traffic policy.
<Quidway>
User Defined Traffic Policy Information:
Policy: tp1
----End
Configuration Files
#
sysname Quidway
#
acl number 4000
rule 5 deny destination-mac 0260-e207-0002 source-mac 00e0-f201-0101
#
traffic classifier tc1 operator and
if-match acl 4000
#
traffic behavior tb1
deny
#
traffic policy tp1
classifier tc1 behavior tb1
#
Issue 01 (2011-07-15)
User Defined Classifier Information:
Classifier: tc1
Operator: AND
Rule(s) : if-match acl 4000
display traffic policy user-defined tp1
Classifier: tc1
Operator: AND
Behavior: tb1
Deny
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
9 ACL Configuration
177