目的:對192.168.57.0段用戶限速30M(即下載速度30/8,上傳同),192.168.57.1和192.168.57.127除外
access-list rate-limiting extended deny ip any 192.168.57.1 255.255.255.255
access-list rate-limiting extended deny ip 192.168.57.1 255.255.255.255 any
access-list rate-limiting extended deny ip any 192.168.57.127 255.255.255.255
access-list rate-limiting extended deny ip 192.168.57.127 255.255.255.255 any
access-list rate-limiting extended permit ip 192.168.57.0 255.255.255.0 any
access-list rate-limiting extended permit ip any 192.168.57.0 255.255.255.0
class-map rate-limiting
match access-list rate-limiting
policy-map xs10m
class rate-limiting
police input 30000000
police output 30000000
!
service-policy xs10m interface inside //應用在inside口。在outside應用時不生效,因nat的應用,使得內外網IP不是一一對應,不法正常限制。