115
To do…
Use the command…
Remarks
Create a basic ACL and enter its
view, or enter the view of an
existing basic ACL
acl
[
ipv6
]
number
acl-number
[
match-order
{
config
|
auto
} ]
Required
By default, no basic ACL exists.
Create rules for this ACL
rule
[
rule-id
] {
permit
|
deny
}
[
source
{
sour-addr sour-wildcard
|
any
} |
time-range
time-name
|
fragment
|
logging
]*
Required
Exit the basic ACL view
quit
—
Associate the HTTP service with the
ACL
ip http acl
acl-number
Associate the HTTPS service with
the ACL
ip https acl
acl-number
Required
Use either command.
Logging off online web users
Follow this step to log off online web users:
To do…
Use the command…
Remarks
Log off online web users
free web-users
{
all
|
user-id
user-id
|
user-name
user-name
}
Required
Execute the command in user interface view.
Source IP-based login control over web users configuration example
1.
Network requirements
As shown in
, configure the Firewall to allow only web users from Host B to access.
Figure 73
Network diagram for configuring source IP-based login control over web users
2.
Configuration procedure
# Create ACL 2000, and configure rule 1 to permit packets sourced from Host B.
<Firewall > system-view
[Firewall] acl number 2030 match-order config
[Firewall-acl-basic-2030] rule 1 permit source 10.110.100.52 0
# Associate the ACL with the HTTP service so that only web users from Host B are allowed to access the
Firewall.
[Firewall] ip http acl 2030