大家先看下配置，我的要求就是，在47口上做镜像，4vlan内的机器的数据镜像到47口上，47口接监控服务器，然后在做下访问控制，4vlan内的机器 跟47口上的服务器可以相互通讯，但4vlan之间不能相互通讯！目前47口的ip地址为192.168.25.1 255.255.255.0.希望高手给我写下acl的配置信息！定表重谢！
    FwhSwh#show run
    Building configuration…
    Current configuration : 4909 bytes
    !
    version 12.2
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    !
    hostname FwhSwh
    !
    !
    no aaa new-model
    ip subnet-zero
    ip routing
    !
    ip dhcp pool vlan20
    network 192.168.20.0 255.255.255.0
    default-router 192.168.20.1
    dns-server 202.106.196.115 202.106.0.20
    !
    ip dhcp pool vlan21
    network 192.168.21.0 255.255.255.0
    default-router 192.168.21.1
    dns-server 202.106.196.115 202.106.0.20
    !
    ip dhcp pool vlan22
    network 192.168.22.0 255.255.255.0
    default-router 192.168.22.1
    dns-server 202.106.196.115 202.106.0.20
    !
    ip dhcp pool vlan23
    network 192.168.23.0 255.255.255.0
    default-router 192.168.23.1
    dns-server 202.106.0.20
    !
    !
    !
    !
    no file verify auto
    spanning-tree mode pvst
    spanning-tree extend system-id
    !
    vlan internal allocation policy ascending
    !
    interface FastEthernet0/1
    switchport access vlan 20
    !
    interface FastEthernet0/2
    switchport access vlan 20
    !
    interface FastEthernet0/3
    switchport access vlan 20
    !
    interface FastEthernet0/4
    switchport access vlan 20
    !
    interface FastEthernet0/5
    switchport access vlan 20
    !
    interface FastEthernet0/6
    switchport access vlan 20
    !
    interface FastEthernet0/7
    switchport access vlan 20
    !
    interface FastEthernet0/8
    switchport access vlan 20
    !
    interface FastEthernet0/9
    switchport access vlan 20
    !
    interface FastEthernet0/10
    switchport access vlan 20
    !
    interface FastEthernet0/11
    switchport access vlan 20
    !
    interface FastEthernet0/12
    switchport access vlan 20
    !
    interface FastEthernet0/13
    switchport access vlan 20
    !
    interface FastEthernet0/14
    switchport access vlan 20
    !
    interface FastEthernet0/15
    switchport access vlan 20
    !
    interface FastEthernet0/16
    switchport access vlan 20
    !
    interface FastEthernet0/17
    switchport access vlan 20
    !
    interface FastEthernet0/18
    switchport access vlan 20
    !
    interface FastEthernet0/19
    switchport access vlan 20
    !
    interface FastEthernet0/20
    switchport access vlan 20
    !
    interface FastEthernet0/21
    switchport access vlan 21
    !
    interface FastEthernet0/22
    switchport access vlan 21
    !
    interface FastEthernet0/23
    switchport access vlan 21
    !
    interface FastEthernet0/24
    switchport access vlan 21
    !
    interface FastEthernet0/25
    switchport access vlan 21
    !
    interface FastEthernet0/26
    switchport access vlan 21
    !
    interface FastEthernet0/27
    switchport access vlan 21
    !
    interface FastEthernet0/28
    switchport access vlan 21
    !
    interface FastEthernet0/29
    switchport access vlan 21
    !
    interface FastEthernet0/30
    switchport access vlan 21
    !
    interface FastEthernet0/31
    switchport access vlan 22
    !
    interface FastEthernet0/32
    switchport access vlan 22
    !
    interface FastEthernet0/33
    switchport access vlan 22
    !
    interface FastEthernet0/34
    switchport access vlan 22
    !
    interface FastEthernet0/35
    switchport access vlan 22
    !
    interface FastEthernet0/36
    switchport access vlan 22
    !
    interface FastEthernet0/37
    switchport access vlan 22
    !
    interface FastEthernet0/38
    switchport access vlan 22
    !
    interface FastEthernet0/39
    switchport access vlan 22
    !
    interface FastEthernet0/40
    switchport access vlan 22
    !
    interface FastEthernet0/41
    switchport access vlan 23
    !
    interface FastEthernet0/42
    switchport access vlan 23
    !
    interface FastEthernet0/43
    switchport access vlan 23
    !
    interface FastEthernet0/44
    switchport access vlan 23
    !
    interface FastEthernet0/45
    !
    interface FastEthernet0/46
    !
    interface FastEthernet0/47
    !
    interface FastEthernet0/48
    no switchport

   ip address *.*.*.* 255.255.255.0
    !
    interface GigabitEthernet0/1
    !
    interface GigabitEthernet0/2
    !
    interface GigabitEthernet0/3
    !
    interface GigabitEthernet0/4
    !
    interface Vlan1
    no ip address
    shutdown
    !
    interface Vlan20
    ip address 192.168.20.1 255.255.255.0
    ip access-group 100 in
    ip helper-address 192.168.20.1
    !
    interface Vlan21
    ip address 192.168.21.1 255.255.255.0
    ip access-group 101 in
    ip helper-address 192.168.21.1
    !
    interface Vlan22
    ip address 192.168.22.1 255.255.255.0
    ip access-group 102 in
    ip helper-address 192.168.22.1
    !
    interface Vlan23
    ip address 192.168.23.1 255.255.255.0
    ip access-group 103 in
    ip helper-address 192.168.23.1
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 10.0.0.1
    no ip http server
    !
    access-list 100 deny ip any 192.168.21.0 0.0.0.255
    access-list 100 deny ip any 192.168.22.0 0.0.0.255
    access-list 100 permit ip any any
    access-list 101 deny ip any 192.168.22.0 0.0.0.255
    access-list 101 deny ip any 192.168.20.0 0.0.0.255
    access-list 101 deny ip any 192.168.23.0 0.0.0.255
    access-list 101 permit ip any any
    access-list 102 deny ip any 192.168.20.0 0.0.0.255
    access-list 102 deny ip any 192.168.21.0 0.0.0.255
    access-list 102 deny ip any 192.168.23.0 0.0.0.255
    access-list 102 permit ip any any
    access-list 103 deny ip any 192.168.21.0 0.0.0.255
    access-list 103 deny ip any 192.168.22.0 0.0.0.255
    access-list 103 permit ip any any
    !
    control-plane
    !
    !
    line con 0
    line vty 0 4
    no login
    line vty 5 15
    no login
    !
    !
    end