Traffic filtering configuration example, Network requirements, Configuration procedure – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

46

Traffic filtering configuration example

NOTE:
•

The configuration examples were created on a WX5004 access controller and may vary with device
models.Check

Table 7

to see where you configure Ethernet interfaces.

Network requirements

As shown in

Figure 15

, Client is connected to AC through AP.

Configure traffic filtering to filter the packets whose source port is 21 received on GigabitEthernet 1/0/1.

Figure 15 Network diagram

Configuration procedure

# Create advanced ACL 3000, and configure a rule to match packets whose source port number is not

21.

<AC> system-view

[AC] acl number 3000

[AC-acl-adv-3000] rule 0 permit tcp source-port eq 21

[AC-acl-adv-3000] quit

# Create a class named classifier_1, and use ACL 3000 as the match criterion in the class.

[AC] traffic classifier classifier_1

[AC-classifier-classifier_1] if-match acl 3000

[AC-classifier-classifier_1] quit

# Create a behavior named behavior_1, and configure the traffic filtering action to drop packets.

[AC] traffic behavior behavior_1

[AC-behavior-behavior_1] filter deny

[AC-behavior-behavior_1] quit

# Create a policy named policy_1, and associate class classifier_1 with behavior behavior_1 in the
policy.

[AC] qos policy policy_1

[AC-qospolicy-policy_1] classifier classifier_1 behavior behavior_1

[AC-qospolicy-policy_1] quit

# Apply the policy named policy_1 to the incoming traffic of GigabitEthernet 1/0/1.

[AC] interface gigabitethernet 1/0/1

[AC-GigabitEthernet1/0/1] qos apply policy policy_1 inbound