Operation Manual – LoginH3C S7500 Series Ethernet Switches Chapter 6 User Control6-3To do… Use the command… RemarksDefine rules for the ACLrule [ rule-id ] { permit |deny } protocol [ source{ source-addr wildcard |any } ] [ destination{ dest-addr dest-mask |any } ] [ source-portoperator port1 [ port2 ] ][ destination-portoperator port1 [ port2 ] ][ icmp-type type code ][ established ][ [ precedenceprecedence | tos tos ]* |dscp dscp ] [ fragment ][ time-range time-name ]RequiredYou can define rules asneeded to filter by specificsource and destination IPaddresses.Return to system view quit —Enter user interface viewuser-interface [ type ]first-number[ last-number ]—Apply the ACL to controlTelnet users by specifiedsource and destination IPaddressesacl acl-number { inbound| outbound }RequiredThe inbound keywordspecifies to filter the userstrying to Telnet to thecurrent switch.The outbound keywordspecifies to filter userstrying to Telnet to otherswitches from the currentswitch.6.3 Controlling Network Management Users by Source IPAddressesYou can manage a H3C series Ethernet switch through network management software.Network management users can access switches through SNMP.You need to perform the following two operations to control network management usersby source IP addresses.z Defining an ACLz Applying the ACL to control users accessing the switch through SNMP6.3.1 PrerequisitesThe controlling policy against network management users is determined, including thesource IP addresses to be controlled and the controlling actions (permitting or denying).