# acl number 3000 rule 5 permit ip source 192.168.24.0 0.0.0.255 rule 10 permit ip source 192.168.29.0 0.0.0.255 rule 15 permit ip source 192.168.30.0 0.0.0.255 rule 20 permit ip source 192.168.31.0 0.0.0.255 rule 25 permit ip source 192.168.32.0 0.0.0.255 rule 30 permit ip source 192.168.33.0 0.0.0.255 rule 35 permit ip source 192.168.36.0 0.0.0.255 rule 40 permit ip source 192.168.37.0 0.0.0.255 rule 45 permit ip source 192.168.38.0 0.0.0.255 acl number 3001 rule 5 permit ip destination 192.168.0.0 0.0.0.255 rule 6 permit ip destination 192.168.24.0 0.0.0.255 rule 9 permit ip source 192.168.60.0 0.0.0.255 destination 192.168.100.0 0.0.0.255 rule 10 permit ip source 192.168.90.0 0.0.0.255 destination 192.168.100.0 0.0.0.255 rule 11 permit ip source 192.168.46.0 0.0.0.255 destination 192.168.70.0 0.0.0.255 rule 12 permit ip source 192.168.70.0 0.0.0.255 destination 192.168.46.0 0.0.0.255 rule 13 permit ip destination 192.168.46.0 0.0.0.255 rule 14 permit ip destination 192.168.51.0 0.0.0.255 rule 15 permit ip destination 192.168.53.0 0.0.0.255 rule 16 permit ip source 192.168.51.0 0.0.0.255 destination 192.168.70.0 0.0.0.255 rule 17 permit ip source 192.168.53.0 0.0.0.255 destination 192.168.70.0 0.0.0.255 rule 18 permit ip destination 192.168.21.0 0.0.0.255 rule 100 deny ip destination 192.168.0.0 0.0.255.255 acl number 3002 rule 4 permit ip destination 192.168.0.41 0 rule 5 permit ip destination 192.168.0.13 0 rule 10 permit ip destination 192.168.0.24 0 rule 15 permit ip destination 192.168.0.1 0 rule 30 permit ip destination 192.168.0.10 0 rule 35 permit ip destination 192.168.0.205 0 rule 40 permit ip destination 192.168.0.200 0 rule 45 permit ip destination 192.168.0.201 0 rule 50 permit ip destination 192.168.0.202 0 rule 55 permit ip destination 192.168.0.203 0 rule 60 permit ip destination 192.168.0.204 0 rule 65 permit ip destination 192.168.0.210 0 rule 70 permit ip destination 192.168.0.211 0 rule 75 permit ip destination 192.168.0.212 0 rule 80 permit ip destination 192.168.0.213 0 rule 85 permit ip destination 192.168.0.214 0 rule 90 permit ip destination 192.168.0.207 0 rule 95 permit ip destination 192.168.0.208 0 rule 96 permit ip destination 192.168.0.209 0 rule 97 permit ip destination 192.168.0.18 0 rule 98 permit ip destination 192.168.0.215 0 rule 99 permit ip destination 192.168.0.216 0 rule 100 permit ip destination 192.168.24.0 0.0.0.255 rule 105 permit ip destination 192.168.29.0 0.0.0.255 rule 110 permit ip destination 192.168.30.0 0.0.0.255 rule 115 permit ip destination 192.168.31.0 0.0.0.255 rule 120 permit ip destination 192.168.32.0 0.0.0.255 rule 125 permit ip destination 192.168.33.0 0.0.0.255 rule 130 permit ip destination 192.168.36.0 0.0.0.255 rule 135 permit ip destination 192.168.37.0 0.0.0.255 rule 140 permit ip destination 192.168.38.0 0.0.0.255 rule 145 deny ip destination 192.168.0.0 0.0.255.255 acl number 3003 rule 5 deny ip source 192.168.62.0 0.0.0.255 destination 192.168.100.0 0.0.0.255 rule 6 deny ip source 192.168.62.0 0.0.0.255 destination 192.168.0.0 0.0.0.255 rule 10 permit ip # traffic classifier c1 operator and precedence 5 if-match acl 3000 traffic classifier vlan2 operator or precedence 10 if-match acl 3001 traffic classifier vlan28 operator or precedence 15 if-match acl 3002 # traffic behavior b1 permit redirect ip-nexthop 192.168.0.205 traffic behavior vlan2 permit statistic enable traffic behavior vlan28 permit statistic enable # traffic policy p1 match-order auto classifier c1 behavior b1 traffic policy vlan2 match-order auto classifier vlan2 behavior vlan2 traffic policy vlan28 match-order auto classifier vlan28 behavior vlan28 # drop-profile default # vlan 2 traffic-policy vlan2 inbound vlan 3 traffic-policy vlan2 inbound vlan 4 traffic-policy vlan2 inbound vlan 5 traffic-policy vlan2 inbound vlan 6 traffic-policy vlan2 inbound vlan 7 traffic-policy vlan2 inbound vlan 9 traffic-policy vlan2 inbound vlan 10 traffic-policy vlan2 inbound vlan 11 traffic-policy vlan2 inbound vlan 12 traffic-policy vlan2 inbound vlan 13 traffic-policy vlan2 inbound vlan 14 traffic-policy vlan2 inbound vlan 15 traffic-policy vlan2 inbound vlan 16 traffic-policy vlan2 inbound vlan 17 traffic-policy vlan2 inbound vlan 18 traffic-policy vlan2 inbound vlan 20 traffic-policy vlan2 inbound vlan 21 traffic-policy vlan2 inbound vlan 22 traffic-policy vlan2 inbound vlan 23 traffic-policy vlan2 inbound vlan 24 traffic-policy vlan2 inbound vlan 25 traffic-policy vlan2 inbound vlan 27 traffic-policy vlan28 inbound vlan 29 traffic-policy vlan2 inbound vlan 30 traffic-policy vlan2 inbound vlan 31 traffic-policy vlan2 inbound vlan 32 traffic-policy vlan2 inbound vlan 34 traffic-policy vlan2 inbound vlan 35 traffic-policy vlan28 inbound vlan 36 traffic-policy vlan28 inbound vlan 37 traffic-policy vlan28 inbound vlan 38 traffic-policy vlan28 inbound vlan 39 traffic-policy vlan2 inbound vlan 40 traffic-policy vlan28 inbound vlan 41 traffic-policy vlan28 inbound vlan 42 traffic-policy vlan28 inbound vlan 51 traffic-policy vlan2 inbound vlan 2000 description Office-F1&F2-OA traffic-policy vlan2 inbound vlan 2001 description Office-JianKong&MenJin&KaoQin traffic-policy vlan2 inbound vlan 2002 description Office-QiLunJi&YePian traffic-policy vlan2 inbound vlan 2003 description Office-ZhuQiFa&FaDianJi traffic-policy vlan2 inbound vlan 2004 description Office-WLAN traffic-policy vlan2 inbound vlan 2005 description Office-IP-Phone traffic-policy vlan2 inbound vlan 2006 description GYYW-JiChuang&KongzhiDuan traffic-policy vlan2 inbound vlan 2022 description GuanLi traffic-policy vlan2 inbound # interface GigabitEthernet6/0/37 port hybrid tagged vlan 1 to 4094 traffic-policy p1 inbound # interface XGigabitEthernet4/0/13 description TO-BZZJF-WLAN-AC-01 port link-type trunk port trunk allow-pass vlan 2011 to 2012 traffic-filter inbound acl 3003 # port-group 1 group-member GigabitEthernet6/0/36 group-member GigabitEthernet6/0/37 group-member GigabitEthernet6/0/38 group-member GigabitEthernet6/0/39 group-member GigabitEthernet6/0/40 group-member GigabitEthernet6/0/41 group-member GigabitEthernet6/0/42 group-member GigabitEthernet6/0/43 group-member GigabitEthernet6/0/44 group-member GigabitEthernet6/0/45 group-member GigabitEthernet6/0/46 group-member GigabitEthernet6/0/47 # port-group 2 group-member GigabitEthernet2/0/36 group-member GigabitEthernet2/0/37 group-member GigabitEthernet2/0/38 group-member GigabitEthernet2/0/39 group-member GigabitEthernet2/0/40 group-member GigabitEthernet2/0/41 group-member GigabitEthernet2/0/42 group-member GigabitEthernet2/0/43 group-member GigabitEthernet2/0/44 group-member GigabitEthernet2/0/45 #
(0)
#
acl number 3000
rule 5 permit ip source 192.168.24.0 0.0.0.255
rule 10 permit ip source 192.168.29.0 0.0.0.255
rule 15 permit ip source 192.168.30.0 0.0.0.255
rule 20 permit ip source 192.168.31.0 0.0.0.255
rule 25 permit ip source 192.168.32.0 0.0.0.255
rule 30 permit ip source 192.168.33.0 0.0.0.255
rule 35 permit ip source 192.168.36.0 0.0.0.255
rule 40 permit ip source 192.168.37.0 0.0.0.255
rule 45 permit ip source 192.168.38.0 0.0.0.255
acl number 3001
rule 5 permit ip destination 192.168.0.0 0.0.0.255
rule 6 permit ip destination 192.168.24.0 0.0.0.255
rule 9 permit ip source 192.168.60.0 0.0.0.255 destination 192.168.100.0 0.0.0.255
rule 10 permit ip source 192.168.90.0 0.0.0.255 destination 192.168.100.0 0.0.0.255
rule 11 permit ip source 192.168.46.0 0.0.0.255 destination 192.168.70.0 0.0.0.255
rule 12 permit ip source 192.168.70.0 0.0.0.255 destination 192.168.46.0 0.0.0.255
rule 13 permit ip destination 192.168.46.0 0.0.0.255
rule 14 permit ip destination 192.168.51.0 0.0.0.255
rule 15 permit ip destination 192.168.53.0 0.0.0.255
rule 16 permit ip source 192.168.51.0 0.0.0.255 destination 192.168.70.0 0.0.0.255
rule 17 permit ip source 192.168.53.0 0.0.0.255 destination 192.168.70.0 0.0.0.255
rule 18 permit ip destination 192.168.21.0 0.0.0.255
rule 100 deny ip destination 192.168.0.0 0.0.255.255
acl number 3002
rule 4 permit ip destination 192.168.0.41 0
rule 5 permit ip destination 192.168.0.13 0
rule 10 permit ip destination 192.168.0.24 0
rule 15 permit ip destination 192.168.0.1 0
rule 30 permit ip destination 192.168.0.10 0
rule 35 permit ip destination 192.168.0.205 0
rule 40 permit ip destination 192.168.0.200 0
rule 45 permit ip destination 192.168.0.201 0
rule 50 permit ip destination 192.168.0.202 0
rule 55 permit ip destination 192.168.0.203 0
rule 60 permit ip destination 192.168.0.204 0
rule 65 permit ip destination 192.168.0.210 0
rule 70 permit ip destination 192.168.0.211 0
rule 75 permit ip destination 192.168.0.212 0
rule 80 permit ip destination 192.168.0.213 0
rule 85 permit ip destination 192.168.0.214 0
rule 90 permit ip destination 192.168.0.207 0
rule 95 permit ip destination 192.168.0.208 0
rule 96 permit ip destination 192.168.0.209 0
rule 97 permit ip destination 192.168.0.18 0
rule 98 permit ip destination 192.168.0.215 0
rule 99 permit ip destination 192.168.0.216 0
rule 100 permit ip destination 192.168.24.0 0.0.0.255
rule 105 permit ip destination 192.168.29.0 0.0.0.255
rule 110 permit ip destination 192.168.30.0 0.0.0.255
rule 115 permit ip destination 192.168.31.0 0.0.0.255
rule 120 permit ip destination 192.168.32.0 0.0.0.255
rule 125 permit ip destination 192.168.33.0 0.0.0.255
rule 130 permit ip destination 192.168.36.0 0.0.0.255
rule 135 permit ip destination 192.168.37.0 0.0.0.255
rule 140 permit ip destination 192.168.38.0 0.0.0.255
rule 145 deny ip destination 192.168.0.0 0.0.255.255
acl number 3003
rule 5 deny ip source 192.168.62.0 0.0.0.255 destination 192.168.100.0 0.0.0.255
rule 6 deny ip source 192.168.62.0 0.0.0.255 destination 192.168.0.0 0.0.0.255
rule 10 permit ip
#
traffic classifier c1 operator and precedence 5
if-match acl 3000
traffic classifier vlan2 operator or precedence 10
if-match acl 3001
traffic classifier vlan28 operator or precedence 15
if-match acl 3002
#
traffic behavior b1
permit
redirect ip-nexthop 192.168.0.205
traffic behavior vlan2
permit
statistic enable
traffic behavior vlan28
permit
statistic enable
#
traffic policy p1 match-order auto
classifier c1 behavior b1
traffic policy vlan2 match-order auto
classifier vlan2 behavior vlan2
traffic policy vlan28 match-order auto
classifier vlan28 behavior vlan28
#
drop-profile default
#
vlan 2
traffic-policy vlan2 inbound
vlan 3
traffic-policy vlan2 inbound
vlan 4
traffic-policy vlan2 inbound
vlan 5
traffic-policy vlan2 inbound
vlan 6
traffic-policy vlan2 inbound
vlan 7
traffic-policy vlan2 inbound
vlan 9
traffic-policy vlan2 inbound
vlan 10
traffic-policy vlan2 inbound
vlan 11
traffic-policy vlan2 inbound
vlan 12
traffic-policy vlan2 inbound
vlan 13
traffic-policy vlan2 inbound
vlan 14
traffic-policy vlan2 inbound
vlan 15
traffic-policy vlan2 inbound
vlan 16
traffic-policy vlan2 inbound
vlan 17
traffic-policy vlan2 inbound
vlan 18
traffic-policy vlan2 inbound
vlan 20
traffic-policy vlan2 inbound
vlan 21
traffic-policy vlan2 inbound
vlan 22
traffic-policy vlan2 inbound
vlan 23
traffic-policy vlan2 inbound
vlan 24
traffic-policy vlan2 inbound
vlan 25
traffic-policy vlan2 inbound
vlan 27
traffic-policy vlan28 inbound
vlan 29
traffic-policy vlan2 inbound
vlan 30
traffic-policy vlan2 inbound
vlan 31
traffic-policy vlan2 inbound
vlan 32
traffic-policy vlan2 inbound
vlan 34
traffic-policy vlan2 inbound
vlan 35
traffic-policy vlan28 inbound
vlan 36
traffic-policy vlan28 inbound
vlan 37
traffic-policy vlan28 inbound
vlan 38
traffic-policy vlan28 inbound
vlan 39
traffic-policy vlan2 inbound
vlan 40
traffic-policy vlan28 inbound
vlan 41
traffic-policy vlan28 inbound
vlan 42
traffic-policy vlan28 inbound
vlan 51
traffic-policy vlan2 inbound
vlan 2000
description Office-F1&F2-OA
traffic-policy vlan2 inbound
vlan 2001
description Office-JianKong&MenJin&KaoQin
traffic-policy vlan2 inbound
vlan 2002
description Office-QiLunJi&YePian
traffic-policy vlan2 inbound
vlan 2003
description Office-ZhuQiFa&FaDianJi
traffic-policy vlan2 inbound
vlan 2004
description Office-WLAN
traffic-policy vlan2 inbound
vlan 2005
description Office-IP-Phone
traffic-policy vlan2 inbound
vlan 2006
description GYYW-JiChuang&KongzhiDuan
traffic-policy vlan2 inbound
vlan 2022
description GuanLi
traffic-policy vlan2 inbound
#
interface GigabitEthernet6/0/37
port hybrid tagged vlan 1 to 4094
traffic-policy p1 inbound
#
interface XGigabitEthernet4/0/13
description TO-BZZJF-WLAN-AC-01
port link-type trunk
port trunk allow-pass vlan 2011 to 2012
traffic-filter inbound acl 3003
#
port-group 1
group-member GigabitEthernet6/0/36
group-member GigabitEthernet6/0/37
group-member GigabitEthernet6/0/38
group-member GigabitEthernet6/0/39
group-member GigabitEthernet6/0/40
group-member GigabitEthernet6/0/41
group-member GigabitEthernet6/0/42
group-member GigabitEthernet6/0/43
group-member GigabitEthernet6/0/44
group-member GigabitEthernet6/0/45
group-member GigabitEthernet6/0/46
group-member GigabitEthernet6/0/47
#
port-group 2
group-member GigabitEthernet2/0/36
group-member GigabitEthernet2/0/37
group-member GigabitEthernet2/0/38
group-member GigabitEthernet2/0/39
group-member GigabitEthernet2/0/40
group-member GigabitEthernet2/0/41
group-member GigabitEthernet2/0/42
group-member GigabitEthernet2/0/43
group-member GigabitEthernet2/0/44
group-member GigabitEthernet2/0/45
#
(0)
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
抄袭了我的内容
×
原文链接或出处
诽谤我
×
对根叔社区有害的内容
×
不规范转载
×
举报说明