16-4
[DeviceA] info-center source default channel 0 log level informational
ACL Application to a VLAN Interface
Network requirements
As shown in Figure 16-2, apply an ACL to the inbound direction of interface VLAN-interface 100 on
Device A so that the interface denies IPv4 packets sourced from Host A from 14:00 to 18:00 of the
working days, and allows packets traveling between Host A and Host B.
Figure 16-2 Network diagram for applying an ACL to a VLAN interface for filtering
Vlan-int100
192.168.1.1
Host A
192.168.1.2
Host B
192.168.1.3
Server
192.168.5.100
Configuration procedure
# Create a time range named study, setting it to become active from 08:00 to 18:00 of the working
days.
<DeviceA> system-view
[DeviceA] time-range study 14:00 to 18:00 working-day
# Create basic IPv4 ACL 2010.
[DeviceA] acl number 2010
# Create a basic IPv4 ACL rule to deny packets sourced from 192.168.1.2/32 during time range study.
[DeviceA-acl-basic-2009] rule deny source 192.168.1.2 0 time-range study
[DeviceA-acl-basic-2009] quit
# Apply ACL 2010 to the inbound direction of interface VLAN-interface 100,
[DeviceA] interface vlan-interface 100
[DeviceA-Vlan-interface100] packet-filter 2010 inbound
To Next Page
Loading...
