访问时间段配置
[H3C]time-range shangwu 08:00 to 11:30 working-day 这个working-day 是表示周一到周五,可以修改
[H3C]time-range xiawu 14:00 to 17:30 working-day
[H3C-acl-adv-3003]rule 1 permit ip source 192.168.240.0 0.0.15.255 destination 61.191.138.100 0
小孩手脚脱皮
[H3C-acl-adv-3003]rule 2 deny ip source any destination 61.191.168.100 0 time-range shangwu
[H3C-acl-adv-3003]rule 3 deny ip source any destination 61.191.168.100 0 time-range xiawu
[H3C-acl-adv-3003]quit
在内网接口下发一下(firewall packet-filter 3003 inbound)
将192.168.240.0 255.255.0.0 以前的IP地址设置成不能访问61.191.138.100
system
天空中最亮的星星
acl number 3003
rule 0 permit ip source 192.168.240.0 0.0.15.255 destination 61.191.138.100 0quit
quit
traffic classifier zhengjuan
if-match acl 3033
quit
traffic behavior zhengjuan
filter deny
quit
qos policy test1
class zhengjuan behavior zhengjuan
quitbec是什么意思
int g0/1
qos apply policy test1 inbound(内网口)
quit
save
禁止访问域名的配置
#
acl number 3101
rule 20 permit ip source 192.168.1.20 0
#
traffic classifier urllimit-1 operator and
麻辣毛血旺if-match protocol http host
if-match protocol http host
if-match acl 3101
#
traffic classifier urllimit-2 operator and滑冰鞋
if-match protocol http
if-match acl 3101
#
traffic behavior behaviorfordeny
filter deny温馨的小屋
traffic behavior behaviorforpermit
filter permit
#
qos policy PolicyLimit-983040
classifier urllimit-1 behavior behaviorforpermit
classifier urllimit-2 behavior behaviorfordeny
外网接口上做如下配置:
#张曼莉
interface Ethernet0/0
port link-mode route
ip address 10.154.14.36 255.255.255.0
qos apply policy PolicyLimit-983040 outbound
江西新余仙女湖#
if-match protocol http 这段命令是什么意思?//该命令的意思是区分报文的协议为HTTP且域名为的报文
qos policy PolicyLimit-983040这段命令是什么意思?//该命令的意思是建立一条QOS策略,策略名为PolicyLimit-983040
acl number 3000 //定义从R1到R2的数据流
rule 0 permit ip source 192.168.1.0 0.0.0.255 destination 192.168.2.0 0.0.0.255
quit
traffic classifier class1 //用类绑定ACL
if-match acl 3000
quit
traffic behavior bd1 //定义流行为
filter deny
quit
qos policy test1 //定义qos,绑定类和流行为
classifier class1 behavior bd1
quit
interface Ethernet1/0/1 //将定义好的qos下发到路由器的内网口.
qos apply policy test1 inbound
quit
acl里面的deny和Permit对数据的最终是不起影响的,无论是什么都无所谓,真正的操作是流行为里面的
