- 配置ACL# 配置符合要求的二层ACL。
<HUAWEI> system-view
[HUAWEI] acl 4000
[HUAWEI-acl-L2-4000] rule deny source-mac 00e0-f201-0101 ffff-ffff-ffff destination-mac 0260-e207-0002 ffff-ffff-ffff
[HUAWEI-acl-L2-4000] quit
- 配置基于ACL的流分类# 配置流分类tc1,对匹配ACL 4000的报文进行分类。
[HUAWEI] traffic classifier tc1
[HUAWEI-classifier-tc1] if-match acl 4000
[HUAWEI-classifier-tc1] quit
- 配置流行为# 配置流行为tb1,动作为拒绝报文通过。
[HUAWEI] traffic behavior tb1
[HUAWEI-behavior-tb1] deny
[HUAWEI-behavior-tb1] quit
- 配置流策略# 配置流策略tp1,将流分类tc1与流行为tb1关联。
[HUAWEI] traffic policy tp1
[HUAWEI-trafficpolicy-tp1] classifier tc1 behavior tb1
[HUAWEI-trafficpolicy-tp1] quit
- 应用流策略# 将流策略tp1应用到GE0/0/2接口。
[HUAWEI] interface gigabitethernet 0/0/2
[HUAWEI-GigabitEthernet0/0/2] traffic-policy tp1 inbound
[HUAWEI-GigabitEthernet0/0/2] quit
