Acl Application Examples; Acl Application To An Ethernet Interface - 3Com 4510G Configuration Manual

If you execute the display acl command to display the information about the ACLs, the device outputs
packet filtering statistics except those that have been displayed by the command during that interval.

ACL Application Examples

ACL Application to an Ethernet Interface

Network requirements
As shown in Figure
Device A so that the interface denies IPv4 packets sourced from Host A from 8:00 to 18:00 everyday.
Configure the device to output log information about how many packets are filtered by this ACL to the
console at an interval of 10 minutes.
Figure 16-1 Network diagram for applying an ACL to an interface for filtering
Host A
192.168.1.2/24
Host B
192.168.1.3/24
Configuration procedure
# Create a time range named study, setting it to become active from 08:00 to 18:00 everyday.
<DeviceA> system-view
[DeviceA] time-range study 8:00 to 18:00 daily
# Create basic IPv4 ACL 2009.
[DeviceA] acl number 2009
# Create a basic IPv4 ACL rule to deny packets sourced from 192.168.1.2/32 during time range study.
[DeviceA-acl-basic-2009] rule deny source 192.168.1.2 0 time-range study
[DeviceA-acl-basic-2009] quit
# Apply ACL 2009 to the inbound direction of interface GigabitEthernet 1/0/1.
[DeviceA] interface gigabitethernet 1/0/1
[DeviceA-GigabitEthernet1/0/1] packet-filter 2009 inbound
[DeviceA-GigabitEthernet1/0/1] quit
# Set the interval for packet filtering statistics to 10 minutes.
[DeviceA] acl logging frequence 10
# Configure a system information output rule to output log information with severity being
informational to the console.
16-1, apply an ACL to the inbound direction of interface GigabitEthernet 1/0/1 on
GE1/0/1
Device A
IP network
16-3