Professional Documents
Culture Documents
com
ISSUE 1.0
ACLACL
ACL
ACL
ACL
ACL
ACL
ACL
ACL
ACL
ACL
ACL
ACL
ACL
www.h3c.com
ACL
ACL
ACL
ACL
ACL
ACL
ACL
ACL
www.h3c.com
No
ACL
Yes
Deny Permit
No
Deny Permit
No
Deny Permit
No
www.h3c.com
No
ACL
Yes
Deny Permit
No
Deny Permit
No
Deny Permit
No
www.h3c.com
IP
0
1
0.0.0.255 24
0.0.3.255 22
0.255.255.255 8
www.h3c.com
IP
www.h3c.com
ACL
ACL
ACL
ACL
ACL
ACL
20002999
30003999
40004999
50005999
www.h3c.com
ACL
IP
1.1.1.0/24
2.2.2.0/28
DA=3.3.3.3 SA=1.1.1.1
DA=3.3.3.3 SA=2.2.2.1
www.h3c.com
ACL
IPIP
IP
1.1.1.0/243.3.3.1TCP80
1.1.1.0/242.2.2.1TCP23
DA=3.3.3.1, SA=1.1.1.1
TCP, DP=80, SP=2032
DA=2.2.2.1, SA=1.1.1.1
TCP, DP=23, SP=3176
www.h3c.com
ACLACL
ACLMACMAC
802.1p
ACL
IP
www.h3c.com
ACL
ACL
ACL
ACL
ACL
ACL
ACL
Permit/Deny)
ACL
/
www.h3c.com
www.h3c.com
ACL
ACLACL
IPv4 ACL20002999
IP
permitdeny
www.h3c.com
ACL
IPv4 ACLACL
IPv4 ACL30003999
IPIPIP
permitdeny
www.h3c.com
ACL
ACLACL
ACL40004999
MACMAC802.1p
permitdeny
www.h3c.com
ACL
ACLACL
Outbound
Inbound
[sysname-Serial2/0 ] firewall packet-filter { acl-
number | name acl-name } { inbound | outbound }
www.h3c.com
ACL
www.h3c.com
ACL
ACL
ACL
ACL
ACL
ACL
ACL
ACL
config
auto
ACL
www.h3c.com
acl number 2000 match-order config
rule permit source 1.1.1.0 0.0.0.255
rule deny source 1.1.1.1 0
DA=3.3.3.3 SA=1.1.1.1
DA=3.3.3.3 SA=1.1.1.1
www.h3c.com
ACL
ACL
ACL
ACL
ACL
ACL
ACL
www.h3c.com
ACL
PCANetworkA
NetworkB
NetworkB NetworkC NetworkD
192.168.1.0/24 192.168.2.0/24 192.168.3.0/24
www.h3c.com
ACL
PCANetworkA
NetworkB
NetworkB NetworkC NetworkD
192.168.1.0/24 192.168.2.0/24 192.168.3.0/24
www.h3c.com
ACL
ACL
ACL
www.h3c.com
ACLACLNAT
QoS
ACLIPACLIP
IP
ACL
ACL
www.h3c.com