2 configuration example, 3 basic acl configuration, 1 configuration preparation – H3C Technologies H3C S3100 Series Switches User Manual

Operation Manual – ACL

H3C S3100-52P Ethernet Switch

Chapter 1 ACL Configuration

1-4

1.2.2 Configuration Example

# Define a time range that will be active from 8:00 to 18:00 on Monday through Friday.

system-view

[H3C] time-range test 8:00 to 18:00 working-day

[H3C] display time-range test

Current time is 13:27:32 4/16/2005 Saturday

Time-range : test ( Inactive )

08:00 to 18:00 working-day

1.3 Basic ACL Configuration

A basic ACL filters packets based on their Layer 3 source IP addresses.
A basic ACL can be numbered from 2000 to 2999.

1.3.1 Configuration Preparation

To configure a time range-based basic ACL rule, you need to create the corresponding
time range first. For information about time range configuration, refer to section 1.2
“Time Range Configuration”.
The source IP addresses based on which the ACL filters packets are determined.

1.3.2 Configuration Procedure

Table 1-2

Define a basic ACL rule

Operation

Command

Description

Enter system

view

system-view

—

Create an ACL or

enter basic ACL

view

acl number

acl-number

[ match-order { config | auto } ]

By the default, the

matching order is
config

.

Define an ACL

rule

rule

[ rule-id ] { permit | deny }

[ fragment | source { sour-addr
sour-wildcard

| any } | time-range

time-name

]*

Required

Assign a

description string

to the ACL

description

text

Optional

Display the

information about

an ACL or all the

ACLs

display

acl { all | acl-number }

Optional
This command can be

executed in any view.