Example For Configuring An Advanced Acl - Huawei Quidway S9300 Configuration Manual

Quidway S9300 Terabit Routing Switch
Configuration Guide - Security
----End
Configuration Files
#
sysname Quidway
#
urpf slot 1
urpf slot 2
#
acl number 2000
rule 5 permit source 10.0.0.0 0.0.0.255
#
traffic classifier tc1 operator or precedence 20
if-match acl 2000
#
traffic behavior tb1
statistic enable
ip urpf disable
#
traffic policy tp1
classifier tc1 behavior tb1
#
interface GigabitEthernet1/0/1
urpf strict
traffic-policy tp1 inbound
#
interface GigabitEthernet2/0/1
urpf strict
#
return

8.6.2 Example for Configuring an Advanced ACL

Networking Requirements
As shown in
is required that the IPv4 ACL be configured correctly. The personnel of the R&D department
and marketing department cannot access the salary query server at 10.164.9.9 from 8:00 to 17:30,
whereas the personnel of the president's office can access the server at any time.
Issue 01 (2009-07-28)
Classifier: default-class
Behavior: be
-none-
Classifier: tc1
Behavior: tb1
statistic: enable
urpf switch: off
Figure 8-2, the departments of the company are connected through the S9300s. It
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
8 ACL Configuration
8-15