Acl configuration example, Network requirements, Configuration procedure – H3C Technologies H3C S6300 Series Switches User Manual

11

Task Command

Display the accumulated statistics for packet filtering
ACLs.

display packet-filter statistics sum { inbound |
outbound } [ ipv6 ] { acl-number | name acl-name }
[ brief ]

Display detailed ACL packet filtering information.

display packet-filter verbose interface interface-type
interface-number { inbound | outbound } [ [ ipv6 ]

{ acl-number | name acl-name } ] [ slot slot-number ]

Display QoS and ACL resource usage.

display qos-acl resource [ slot slot-number ]

Clear ACL statistics.

reset acl [ ipv6 ] counter { acl-number | all | name
acl-name }

Clear match statistics (including the accumulated
statistics) for packet filtering ACLs.

reset packet-filter statistics interface [ interface-type
interface-number ] { inbound | outbound } [ [ ipv6 ]
{ acl-number | name acl-name } ]

ACL configuration example

Network requirements

A company interconnects its departments through Device A. Configure an ACL to:

•

Permit access from the President's office at any time to the financial database server.

•

Permit access from the Financial department to the database server only during working hours (from
8:00 to 18:00) on working days.

•

Deny access from any other department to the database server.

Figure 1 Network diagram

Configuration procedure

# Create a periodic time range from 8:00 to 18:00 on working days.

system-view