S3110交换机
配置了acl 3002
[CQ-QUANDB1.S1] acl number 3002
[CQ-QUANDB1.S1-acl-adv-3002]dis th
#
acl number 3002
rule 0 permit tcp source 55.10.10.101 0 source-port gt 1023 destination 55.100.74.129 0 destination-port eq 2404
rule 5 permit tcp source 55.10.10.102 0 source-port gt 1023 destination 55.100.74.129 0 destination-port eq 2404
rule 10 permit tcp source 55.10.10.103 0 source-port gt 1023 destination 55.100.74.129 0 destination-port eq 2404
rule 15 permit tcp source 55.10.10.104 0 source-port gt 1023 destination 55.100.74.129 0 destination-port eq 2404
rule 20 permit tcp source 55.10.40.1 0 source-port gt 1023 destination 55.100.74.129 0 destination-port eq 2404
rule 25 permit tcp source 55.10.40.2 0 source-port gt 1023 destination 55.100.74.129 0 destination-port eq 2404
rule 30 permit tcp source 55.10.40.3 0 source-port gt 1023 destination 55.100.74.129 0 destination-port eq 2404
rule 35 permit tcp source 55.10.40.4 0 source-port gt 1023 destination 55.100.74.129 0 destination-port eq 2404
rule 40 permit tcp source 55.20.10.1 0 source-port gt 1023 destination 55.100.74.129 0 destination-port range 2404 2406
rule 45 permit tcp source 55.20.10.2 0 source-port gt 1023 destination 55.100.74.129 0 destination-port range 2404 2406
rule 50 permit tcp source 55.20.10.3 0 source-port gt 1023 destination 55.100.74.129 0 destination-port range 2404 2406
rule 55 permit tcp source 55.20.10.4 0 source-port gt 1023 destination 55.100.74.129 0 destination-port range 2404 2406
rule 60 permit tcp source 55.20.10.5 0 source-port gt 1023 destination 55.100.74.129 0 destination-port range 2404 2406
rule 65 permit tcp source 55.20.10.6 0 source-port gt 1023 destination 55.100.74.129 0 destination-port range 2404 2406
#
return
[CQ-QUANDB1.S1-acl-adv-3002
[CQ-QUANDB1.S1-Ethernet1/0/2]packet-filter 3002 inbound ?
<cr>
[CQ-QUANDB1.S1-Ethernet1/0/2]packet-filter 3002 inbound
[CQ-QUANDB1.S1-Ethernet1/0/2]dis th
#
interface Ethernet1/0/2
ip source binding mac-address 0090-e85d-79a6
ip verify source mac-address
#
return
[CQ-QUANDB1.S1-Ethernet1/0/2]
另外,ACL 规则最后不写 deny 得话,该ACL 是否还有意义?
(0)
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
抄袭了我的内容
×
原文链接或出处
诽谤我
×
对根叔社区有害的内容
×
不规范转载
×
举报说明
暂无评论