Traffic filtering configuration example, Network requirements, Configuration procedure – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Page 55
46
Traffic filtering configuration example
NOTE:
•
The configuration examples were created on a WX5004 access controller and may vary with device
models.Check
to see where you configure Ethernet interfaces.
Network requirements
As shown in
, Client is connected to AC through AP.
Configure traffic filtering to filter the packets whose source port is 21 received on GigabitEthernet 1/0/1.
Figure 15 Network diagram
Configuration procedure
# Create advanced ACL 3000, and configure a rule to match packets whose source port number is not
21.
<AC> system-view
[AC] acl number 3000
[AC-acl-adv-3000] rule 0 permit tcp source-port eq 21
[AC-acl-adv-3000] quit
# Create a class named classifier_1, and use ACL 3000 as the match criterion in the class.
[AC] traffic classifier classifier_1
[AC-classifier-classifier_1] if-match acl 3000
[AC-classifier-classifier_1] quit
# Create a behavior named behavior_1, and configure the traffic filtering action to drop packets.
[AC] traffic behavior behavior_1
[AC-behavior-behavior_1] filter deny
[AC-behavior-behavior_1] quit
# Create a policy named policy_1, and associate class classifier_1 with behavior behavior_1 in the
policy.
[AC] qos policy policy_1
[AC-qospolicy-policy_1] classifier classifier_1 behavior behavior_1
[AC-qospolicy-policy_1] quit
# Apply the policy named policy_1 to the incoming traffic of GigabitEthernet 1/0/1.
[AC] interface gigabitethernet 1/0/1
[AC-GigabitEthernet1/0/1] qos apply policy policy_1 inbound