Configuration Guide Access Control List Configuration
Ruijie# configure terminal
Enter the global configuration mode.
Ruijie(config)# time-range time-range-name
Identify a time-range by using a meaningful
display character string as its name
Ruijie(config-time-range)# absolute [start time
date] end time date
Set the absolute time range (optional).
For details, see the configuration guide of
time-range.
Ruijie(config-time-range)# periodic
day-of-the-week time to [day-of-the-week] time
Set the periodic time range (optional).
For details, see the configuration guide of
time-range.
Verify the configurations.
Ruijie# copy running-config startup-config
Ruijie(config)# ip access-list extended 101
Enter the ACL configuration mode.
Ruijie(config-ext-nacl)# permit ip any any
time-range time-range-name
Configure the ACE of a time-range.
The length of the name should be 1-32 characters, which should not include
any space.
You can set one absolute time range at most. The application based on
time-ranges will be valid only in this time range.
You can set one or more periodic intervals. If you have already set a running
time range for the time-range, the application takes effect at periodic
intervals in that time range.
The following example shows how to deny HTTP data streams during the working hours in a week by
using the ACLs as example:
Ruijie(config)# time-range no-http
Ruijie(config-time-range)# periodic weekdays 8:00 to 18:00
Ruijie(config)# end
Ruijie(config)# ip access-list extended limit-udp
Ruijie(config-ext-nacl)# deny tcp any any eq www time-range no-http
Ruijie(config-ext-nacl)# exit
Ruijie(config)# interface gigabitEthernet 0/1
Ruijie(config-if)# ip access-group no-http in
Ruijie(config)# end
Example of displaying time range:
Ruijie# show time-range
time-range entry: no-http(inactive)
periodic Weekdays 8:00 to 18:00
time-range entry: no-udp
periodic Tuesday 15:30 to 16:30
To Next Page
Loading...
