h3c acl配置一列

Posted wdfrog

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了h3c acl配置一列相关的知识,希望对你有一定的参考价值。

  1. acl number 3004 
  2. rule 0 permit ip source 10.2.1.4 0 
  3. rule 1 deny ip source 192.168.1.91 0 
  4. rule 2 deny ip source 192.168.9.6 0 
  5. rule 3 deny ip source 192.168.1.94 0 
  6. rule 4 deny ip source 10.1.3.240 0 
  7. rule 5 permit ip source 10.2.1.40 0 
  8. rule 7 deny ip source 10.2.12.8 0 
  9. rule 8 deny ip source 192.168.2.69 0 
  10. rule 9 deny ip source 10.1.1.20 0 
  11. rule 15 deny ip source 10.2.1.0 0.0.0.255 
  12. rule 20 deny ip source 10.2.17.0 0.0.0.255 
  13. rule 25 deny ip source 10.2.18.0 0.0.0.255 
  14. rule 30 deny ip source 10.2.19.0 0.0.0.255 
  15. rule 35 deny ip source 10.2.16.0 0.0.0.255 
  16. rule 36 deny ip source 192.168.9.2 0 
  17. rule 100 deny ip source 192.168.19.6 0 
  18. rule 200 deny ip source 192.168.9.99 0 
  19. rule 250 deny ip source 192.168.19.5 0 
  20. rule 260 deny ip source 192.168.9.1 0 
  22. acl number 3005 
  23. rule 50 deny ip source 10.1.0.0 0.0.255.255 destination 192.168.9.0 0.0.0.255 
  24. rule 60 deny ip source 10.1.0.0 0.0.255.255 destination 192.168.1.91 0 
  25. rule 70 deny ip source 10.1.0.0 0.0.255.255 destination 192.168.1.90 0 
  26. rule 80 deny ip source 10.1.0.0 0.0.255.255 destination 192.168.1.92 0 
  27. rule 90 deny ip source 10.1.0.0 0.0.255.255 destination 192.168.1.95 0 
  28. rule 100 deny ip source 10.1.0.0 0.0.255.255 destination 192.168.1.7 0 
  29. rule 110 deny ip source 10.1.0.0 0.0.255.255 destination 192.168.19.6 0 
  30. rule 120 deny ip source 10.1.0.0 0.0.255.255 destination 192.168.19.5 0 

 

  1. interface Vlan-interface999 
  2. ip address 10.20.20.254 255.255.255.0 
  3. packet-filter 3005 inbound 
  5. interface Vlan-interface1000 
  6. ip address 10.10.10.254 255.255.255.0 
  7. packet-filter 3004 outbound 

关于怎么区分inbound 与 outbound ,:都看成网关, 出网关的是outbound,source ip 是内部ip

inbound是进网关,source ip是来源ip

以上是关于h3c acl配置一列的主要内容,如果未能解决你的问题,请参考以下文章