3com 3.01.01 用户手册
Configuring Logon User ACL Control
237
Defining ACLs
Currently only number-based ACLs can be imported, with the number ranging
from 2000 to 3999.
from 2000 to 3999.
Perform the following configurations in system view.
You can define multiple rules for an ACL by using the rule command several times.
Importing ACL
You can import a defined ACL in user interface view to achieve ACL control.
Perform the following configurations in system view and user interface view.
See the Switch 8800 Command Reference Guide for details about these
commands.
commands.
Currently you can import only the basic ACLs with digit IDs.
Configuration Example
Only the Telnet users from 10.110.100.52 and 10.110.100.46 can access the
switch.
switch.
Figure 16 ACL Configuration for Telnet Users
1 Define a basic ACL.
[SW8800]acl number 2000 match-order config
[SW8800-acl-basic-2000]rule 1 permit source 10.110.100.52 0
Table 29 Defining Basic ACLs
Operation
Command
Enter basic ACL (system view)
acl { number acl-number | name acl-name basic }
match-order { config | auto }
match-order { config | auto }
Define a sub-rule (basic ACL view)
rule [ rule-id ] { permit | deny } [ source
source-addr wildcard | any ] [ fragment ] [
time-range name ]
source-addr wildcard | any ] [ fragment ] [
time-range name ]
Delete a sub-rule (basic ACL view)
undo rule rule-id [ source ] [ fragment ] [
time-range ]
time-range ]
Delete an ACL or all ACLs (system view)
undo acl { number acl-number | name acl-name |
all }
all }
Table 30 Importing ACL
Operation
Command
Enter user interface view (system view)
user-interface [ type ] first-number [ last-number ]
Import the ACL (user interface view)
acl acl-number { inbound | outbound }
Internet
Switch