8-8[Sysname] acl number 2000[Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0[Sysname-acl-basic-2000] quit# Apply the ACL to only permit SNMP users sourced from the IP addresses of 10.110.100.52 to accessthe switch.[Sysname] snmp-agent community read aaa acl 2000[Sysname] snmp-agent group v2c groupa acl 2000[Sysname] snmp-agent usm-user v2c usera groupa acl 2000Controlling Web Users by Source IP AddressYou can manage an S5600 Ethernet switch remotely through Web. Web users can access a switchthrough HTTP connections.You need to perform the following two operations to control Web users by source IP addresses.z Defining an ACLz Applying the ACL to control Web usersPrerequisitesThe controlling policy against Web users is determined, including the source IP addresses to becontrolled and the controlling actions (permitting or denying).Controlling Web Users by Source IP AddressesControlling Web users by source IP addresses is achieved by applying basic ACLs, which arenumbered from 2000 to 2999.Follow these steps to control Web users by source IP addresses:To do… Use the command… RemarksEnter system view system-view —Create a basic ACL or enterbasic ACL viewacl number acl-number[ match-order { config | auto } ]As for the acl numbercommand, the config keywordis specified by default.Define rules for the ACL rule [ rule-id ] { deny | permit }[ rule-string ] RequiredQuit to system view quit —Apply the ACL to controlWeb users ip http acl acl-numberOptionalBy default, no ACL is appliedfor Web users.Disconnecting a Web User by ForceThe administrator can disconnect a Web user by force using the related commands.Follow these steps to disconnect a Web user by force: