If-match acl 2000 If-match service-vlan-id 100 Behavior: test Filter enable: Permit [Sysname] display acl 2000 Basic IPv4 ACL 2000, 1 rules, ACL's step is 5, start ID is 0 rule 0 deny source 192.168.1.100 0 三层以
1.1.10 if-match acl 1.1.11 ip local policy-based-route 1.1.12 ip policy-based-route 1.1.13 ip policy-based-route-log enable 1.1.14 policy-based-route 1.1.15 reset ip policy-based-route statistics 1 策略路由 1.1 策略路由配置命令 1.1.1 apply next-hop apply next-hop命令用来设置报文转发的...
node 20 permit: if-match acl 35XX apply next-hop 2XX.XX.2XX.1XX direct track 100 在测试的过程中发现,如果将node5中的if-match语句删掉,那么默认数据就会全匹配,所有链路都会从内部数据专线跑到总部公司,总部公司没有我这边的路由,我这边于是就会断网,后来回滚操作,发现了这个原因,切记,一定不能删掉if-...
if-match acl 3000 traffic behavior permit 定义一个名称为permit的行为 filter permit 动作为permit(允许)traffic behavior deny同上 filter deny 动作是拒绝 qos policy ghj 定义一个qos策略 classifier permit behavior permit 绑定类及行为 classifier deny behavior deny 一样 这个就是实现一...
建立ACL acl number 3040 rule 0 permit ip source any quit 配置policy-based-route路由图 policy-based-route policy-route permit node 10 if-match acl 3040 apply ip-address next-hop 192.168.100.123 quit 在接口应用policy-based-route interface Ethernet0/3.40 ...
[Switch-acl6-adv-3002] rule permit ip source 1.0.0.0 0.255.255.255 2.配置端口Ethernet1/0/1入方向的IPv4报文过滤 #配置拒绝接收源地址为1.1.1.1报文的类和流行为 [Switch] traffic classifier 1 [Switch-classifier-1] if-match acl 3001 [Switch-classifier-1] quit ...
if-match acl 3100//将ACL与流分类关联 # traffic behavior anti_wana//创建流行为 deny//动作为禁止 statistic enable//使能流量统计(可选) # traffic policy anti_wana match-order config//创建流策略 classifier anti_wana behavior anti_wana//将流分类和流行为进行关联 ...
rule0permit ip source192.168.1.10destination192.168.2.10traffic classifier class_test operator andif-match acl3000# traffic behavior behavior_test accounting packet # 做流量统计 mirror-to cpu # 镜像到CPU,必须镜像到CPU才能抓包 # qos policy policy_test ...
acl number 3000 //定义流量,里面的permit和deny没有实际意义,仅用来匹配流量 rule permit ip source 192.168.1.0 0.0.0.255 destination 192.168.2.0 0.0.0.255 quit traffic classifier 1 //定义类,匹配acl 3000 if-match acl 3000 quit traffic behavior 1 //定义流行为,动作为拒绝deny ...
# 定义aclacl number 3001rule deny ip source 0acl number 3002rule permit ip source 552.# 配置拒绝接收源地址为报文的类和流行为traffic classifier 1if-match acl 3001traffic behavior 1filter deny# 配置允许其他源地址的类和流行为traffic classifier 2if-match acl 30 3、02traffic behavior 2filter ...