Ipv4的ACL配置和应用
acl 2000
rule 5 deny ip source 192.168.1.0 0.0.0.255 destination 192.168.2.0 0.0.0.0
quit
(删除规则:undo rule 5)
配置基于ACL的流分类
traffic classifier c1
if-match acl 2000
quit
配置流行为
traffic behavior b1
deny (permit)
quit
配置流策略
traffic policy p1
classifier c1 behavior b1
quit
查看ACL规则的配置信息
display acl all(all可换成2000)
查看流分类的配置信息
display traffic classifier user-defined
查看流策略的配置信息
display traffic policy user-defined
应用流策略
interface g 0/0/1
traffic-policy p1 inbound (outbound)
quit
(删除已应用的流策略:undo traffic-policy inbound/outbound)
.
Ipv6的ACL6配置与Ipv4类似(只写与Ipv4不同之处)
.# acl ipv6 2000
.# rule 5 deny source 1::2 64
.# quit
(删除规则:undo rule 5)
.# traffic classifier c1
.# if-match ipv6 acl 2000
.# quit
… …
… …
查看ACL规则的配置信息
.# display acl ipv6 all(all可换成2000)
… …