华为三层交换机限制vlan段的指定端口

 

屏蔽vlan 120这个段的ip的所有2333端口

[NTT_3L]int Vlanif 120
[NTT_3L-Vlanif120]dis this
#
interface Vlanif120
 ip address 1xx.75.2.x 255.255.255.192
#
return
[NTT_3L-Vlanif120]
[NTT_3L]acl 3888                          
Info: When the ACL that is referenced by SACL is modified, the SACL will be dynamically updated. During the update, these SACL will become invalid temporarily.
[NTT_3L-acl-adv-3888]dis this
#
acl number 3888
 rule 10 deny tcp destination 1xx.75.2.0 0.0.0.63 destination-port eq 2333
#
return
[NTT_3L-acl-adv-3888]
[NTT_3L]traffic-filter inbound acl 3888  ##将规则应用

 

posted @ 2019-09-18 16:41  疯刘小三  阅读(2521)  评论(0编辑  收藏  举报