176 CHAPTER 7: QOS/ OPERATION
Configuring ACL Control
for TELNET Users
By configuring ACL control over TELNET, users can filter the malicious and illegal
connection requests before password authentication, and ensure device security.
The steps to control TELNET users with ACL are described in the following
sections:
■Defining an ACL
■Importing an ACL
Defining an ACL
To implement the ACL control function, you can only call the numbered basic ACL,
ranging from 2000 to 2999.
Perform the following configuration in system view.
In the definition process, you can configure multiple rules for an ACL, using the
rule command repeatedly.
Importing an ACL
To implement ACL control, you can import the defined ACL in user interface view.
Perform the following configuration in the designated view.
For more information about the command, see the Switch 7750 Command
Reference Guide.
Only a numbered basic ACL can be imported for TELNET user control.
Example: Controlling TELNET Users with ACL
Figure 48 illustrates a configuration that controls TELNET users with an ACL.
Tabl e 186 Defining a Basic ACL
Operation Command
Enter basic ACL view (from system view) acl { number acl-number | name acl-name
basic ip } [ match-order { config | auto } ]
Add a sub-item to the ACL (from basic ACL
view)
rule [ rule-id ] { permit | deny } [ source
source-addr source-wildcard | any ] [
fragment ] [ time-range name ]
Delete a sub-item from the ACL (from basic
ACL view)
undo rule rule-id [ source ] [ fragment ] [
time-range ]
Delete one ACL or all the ACL (from system
view)
undo acl { number acl-number | name
acl-name | all }
Tabl e 187 Importing an ACL
Operation Command
Enter user-interface view (from system view) user-interface [ type ] first-number [
last-number ]
Call an ACL (from user-interface view) acl acl-number { inbound | outbound }