Table of Contents
Advertisement
Traffic filtering configuration example
Network requirements
As shown in
Configure traffic filtering to filter the packets with source port not being 21, and received on Ethernet
1/0/1.
Figure 17 Network diagram
Host
Configuration procedure
# Create advanced ACL 3000, and configure a rule to match packets whose source port number is
not 21.
<DeviceA> system-view
[DeviceA] acl number 3000
[DeviceA-acl-adv-3000] rule 0 permit tcp source-port neq 21
[DeviceA-acl-adv-3000] quit
# Create a class named classifier_1, and use ACL 3000 as the match criterion in the class.
[DeviceA] traffic classifier classifier_1
[DeviceA-classifier-classifier_1] if-match acl 3000
[DeviceA-classifier-classifier_1] quit
# Create a behavior named behavior_1, and configure the traffic filtering action to drop packets.
[DeviceA] traffic behavior behavior_1
[DeviceA-behavior-behavior_1] filter deny
[DeviceA-behavior-behavior_1] quit
# Create a policy named policy, and associate class classifier_1 with behavior behavior_1 in the
policy.
[DeviceA] qos policy policy
[DeviceA-qospolicy-policy] classifier classifier_1 behavior behavior_1
[DeviceA-qospolicy-policy] quit
# Apply the policy named policy to the incoming traffic of Ethernet 1/0/1.
[DeviceA] interface ethernet 1/0/1
[DeviceA-Ethernet1/0/1] qos apply policy policy inbound
Figure
17, Host is connected to Ethernet 1/0/1 of Device.
Device
Eth1/0/1
49
Advertisement
Table of Contents
