Meter - ACL - Policy : "rate-limit" Protocol based traffic ? eg. port 80
‎01-12-2016 08:15 AM
Good day all,
Need some advice if you may - I have an X440 and I would like to create ACLs that limit certain protocol ports, like port 80 (http).
Please check my config below:
vlan 2 created
ports 1-10 added to vlan 2 untagged
meter created:
"create meter HTTP-limit
configure meter HTTP-limit committed-rate 1024 Kbps max-burst-size 128 Kb out-actions drop
configure access-list Limits ports 10 ingress"
ACL created and applied to port 10 (port where user is connected):
"configure access-list Limits vlan "DATA" ingress"
Policy created:
"Policies at Policy Server:
Policy: Limits
entry 1 {
if match all {
protocol TCP ;
destination-port 80 ;
}
then {
meter HTTP-limit ;
count HTTP-limit-count ;
}
}
Number of clients bound to policy: 1
Client: acl bound once"
Access-List counter:
"show acce count
Policy Name       Vlan Name        Port   Direction
    Counter Name                   Packet Count         Byte Count
==================================================================
Limits            *                10     ingress
    HTTP-limit-count               1638"
With the above config - there is NO meter limiting on the traffic.
BUT - when I remove:
"protocol TCP ; destination-port 80 " and have the brackets empty - it works beautifully.
From my understanding and reading through the ACL Solutions Guide - the above should work ?
If I enter :
check policy Limits
it returns successful..
I think I am missing a command or expression somewhere. Can anyone provide some guidance ?
thanks !
16 REPLIES
‎02-04-2016 08:22 PM
Hi Dewald, I wanted to follow up here and see if you were able to get this working.
‎01-19-2016 01:11 PM
Can you paste:
sh access-list usage acl-slice port 1
before and after applying ACL ?
--
Jarek
‎01-19-2016 04:16 AM
Hi,
No - this is the only config that is on the switch. Nothing else.
thanks
‎01-18-2016 11:48 AM
Do you have any other ACLs on this switch? (on VLANs or ports)
--
Jarek
