4 controlling telnet users by source mac addresses, 4 “controlling telnet, Users by source mac – H3C Technologies H3C S3100 Series Switches User Manual

Operation Manual – Login

H3C S3100-52P Ethernet Switch

Chapter 8 User Control

8-3

Operation

Command

Description

Define rules for the

ACL

rule

[ rule-id ] { permit |

deny

} protocol [ source

{ source-addr wildcard |
any

} ] [ destination

{ dest-addr wildcard | any } ]

[ source-port operator port1

[ port2 ] ] [ destination-port
operator port1

[ port2 ] ]

[ icmp-type type code ]

[

established

]

[ { precedence precedence
tos

tos | dscp dscp }* |

fragment

| time-range

name

]*

Required
You can define rules as

needed to filter by specific

source and destination IP

addresses.

Quit to system view

quit

—

Enter user

interface view

user-interface

[ type ]

first-number

[ last-number ]

—

Apply the ACL to

control Telnet

users by specified

source and

destination IP

addresses

acl

acl-number { inbound |

outbound

}

Required
The

inbound

keyword

specifies to filter the users

trying to Telnet to the current

switch.
The outbound keyword

specifies to filter users trying

to Telnet to other switches

from the current switch.

8.2.4 Controlling Telnet Users by Source MAC Addresses

Controlling Telnet users by source MAC addresses is achieved by applying Layer 2
ACLs, which are numbered from 4000 to 4999. Refer to the ACL module for information
about defining an ACL.

Table 8-4

Control Telnet users by source MAC addresses

Operation

Command

Description

Enter system view system-view

—

Create or enter

Layer 2 ACL view

acl number

acl-number

—