❶ pc1通過過濾MAC地址來訪問伺服器,PC2要通過過濾IP來訪問伺服器,那ACL怎麼寫,設備是H3C的三層交換
traffic classifier classifier_rd operator and
if-match acl 3000
#
traffic classifier classifier_hostA operator and
if-match acl 4000
#
traffic behavior behavior_rd
filter deny
#
traffic behavior behavior_hostA
filter deny
#
qos policy policy_rd
classifier classifier_rd behavior behavior_rd
#
qos policy policy_hostA
classifier classifier_hostA behavior behavior_hostA
#
acl number 3000
rule 0 deny ip source 192.168.2.0 0.0.0.255 destination X.X.X.X伺服器IP
acl number 4000
rule 0 deny source-mac 001a-6427-643c ffff-ffff-ffff dest-mac <伺服器MAC> ffff-ffff-ffff
#
interface GigabitEthernet0/1
qos apply policy policy_hostA inbound
#interface GigabitEthernet0/2
qos apply policy policy_rd inbound
#