Example For Configuring An Acl6 To Control Ftp User Access - Huawei Quidway S3700 Series Configuration Manual
Hide thumbs
Also See for Quidway S3700 Series:
- Configuration manual (398 pages) ,
- Quick start manual (70 pages) ,
- Manual (69 pages)
Table of Contents
Advertisement
Quidway S3700 Series Ethernet Switches
Configuration Guide - Security
<Quidway> display acl 5000
User ACL 5000, 1 rule
Acl's step is 5
rule 5 permit 0x0180c200 0xffffffff 14
# Check the configuration of the traffic classifier.
<Quidway> display traffic classifier user-defined
User Defined Classifier Information:
# Check the configuration of the traffic policy.
<Quidway>
User Defined Traffic Policy Information:
Policy: tp1
----End
Configuration Files
#
acl number 5000
rule 5 permit 0x0180c200 0xffffffff 14
#
traffic classifier tc1 operator and
if-match acl 5000
#
traffic behavior tb1
deny
#
traffic policy tp1
classifier tc1 behavior tb1
#
interface GigabitEthernet0/0/2
traffic-policy tp1 inbound
#
return
10.5.5 Example for Configuring an ACL6 to Control FTP User Access
Networking Requirements
As shown in
3002::1/64.
The routes between PC1, PC2, and the FTP server are reachable. It is required that an ACL6 be
configured on the FTP server to prohibit PC2 with IP address 3001::2/64 from downloading and
uploading files through FTP.
Issue 01 (2011-07-15)
Classifier: tc1
Operator: AND
Rule(s) : if-match acl 5000
display traffic policy user-defined tp1
Classifier: tc1
Operator: AND
Behavior: tb1
Deny
Figure
10-5, the IP address of the switch that functions as the FTP server is
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
10 ACL Configuration
248
Advertisement
Table of Contents
