假设您的内网网段是192.168.0.0/16
要限制的网段是192.168.10.0/24和192.168.30.0/24
<H3C>sys
[H3C]acl advanced 3001
[H3C-acl-ipv4-adv-3001]rule 0 permit ip source 192.168.0.0 0.0.255.255 destination 192.168.0.0 0.0.255.255
[H3C-acl-ipv4-adv-3001]rule 1 deny ip source 192.168.0.0 0.0.255.255 destination any
在接口下调用ACL
[H3C]int G1/0/17
[H3C-GigabitEthernet1/0/17]packet-filter 3001 inbound
[H3C-GigabitEthernet1/0/17]quit