Operation Manual – ACLH3C S7500 Series Ethernet Switches Chapter 1 ACL Configuration1-251.11.3 Layer 2 ACL Configuration ExampleI. Network requirementsThrough Layer 2 ACL configuration, packets with the source MAC address of0011-0011-0101 and destination MAC address of 0011-0011-0303 are to be filteredwithin the time range from 8:00 to 18:00 everyday. Apply this ACL on Ethernet 2/0/1.II. Network diagramSwitchEth2/0/1PC10011-0011-0011PC2To the routerFigure 1-3 Network diagram for Layer 2 ACL configurationIII. Configuration procedureNote:Only the commands related to the ACL configuration are listed below.1) Define the time range# Define the periodic time range from 8:00 to 18:00 everyday. system-view[H3C] time-range test 8:00 to 18:00 daily2) Define an ACL rule for packets with the source MAC address of 0011-0011-0101and destination MAC address of 0011-0011-0303.# Create ACL 4000 and enter ACL 4000 view.[H3C] acl number 4000# Define an ACL rule to deny packets with the source MAC address of 0011-0011-0101and destination MAC address of 0011-0011-0303, specifying the time range namedtest for the ACL rule.[H3C-acl-link-4000] rule 1 deny ingress 0011-0011-0101 ffff-ffff-ffff egress0011-0011-0303 ffff-ffff-ffff time-range test[H3C-acl-link-4000] quit3) Apply the ACL on a port.