Operation Manual - QoS/ACL
Quidway S3500 Series Ethernet Switches Chapter 1 ACL Configuration
Huawei Technologies Proprietary
1-32
[Quidway] time-range huawei 8:00 to 18:00 daily
2) Define the ACL for TCP packet.
# Enter the named user-defined ACL, named as traffic-of-tcp.
[Quidway] acl name traffic-of-tcp user
# Define the rules for TCP packet.
[Quidway-acl-user-traffic-of-tcp] rule 1 deny 06 ff 35 time-range huawei
3) Activate ACL.
# Activate the ACL traffic-of-tcp .
[Quidway] packet-filter user-group traffic-of-tcp
1.7 ACL Example of S3552 Series Switches
1.7.1 Using Source IP + Source MAC Rules to Filter Packets
I. Networking requirements
Filter the packets which source IP is 1.1.1.1, source MAC is 0-0-1.
II. Configuration procedure
 Note:
In the following configurations, only the commands related to ACL configurations are
listed.
1) Define ACL
[Quidway] acl number 4000
[Quidway-acl-link-4000] rule deny ingress 0-0-1 0-0-0
[Quidway-acl-link-4000] quit
[Quidway] acl number 2000
[Quidway-acl-basic-2000] rule deny source 1.1.1.1 0
[Quidway-acl-basic-2000] quit
2) Define flow template
[Quidway] flow-template user-defined smac sip
3) Apply flow template to the port
[Quidway] interface ethernet0/1
[Quidway-Ethernet0/1] flow-template user-defined
4) Apply ACL to the port
[Quidway-Ethernet0/1] packet-filter inbound ip-group 2000
[Quidway-Ethernet0/1] packet-filter inbound link-group 4000
To Next Page
Loading...
Need help?
General
