2 configuration procedure, 2 configuration procedure -6 – H3C Technologies H3C S3100 Series Switches User Manual

Operation Manual – ACL

H3C S3100-52P Ethernet Switch

Chapter 1 ACL Configuration

1-6

The settings to be specified in the rule, such as source and destination IP addresses,
the protocols carried by IP, and protocol-specific features, are determined.

1.4.2 Configuration Procedure

Table 1-3

Define an advanced ACL rule

Operation

Command

Description

Enter system view system-view

—

Create an

advanced VLAN or

enter advanced

ACL view

acl number

acl-number

[ match-order { config |
auto

} ]

By the default, the match

order is config.

Define an ACL rule

rule

[ rule-id ] { permit |

deny

} rule-string

Required

Assign a

description string

to the ACL rule

rule

rule-id comment text

Optional

Assign a

description string

to the ACL

description

text

Optional

Display the

information about

an ACL or all the

ACLs

display

acl { all |

acl-number

}

Optional
This command can be

executed in any view.

The rule-string argument of the rule command listed in Table 1-3 can be a combination
of the argument/keywords described in Table 1-4. Note that the rule-string argument
must begin with the protocol argument.

Table 1-4

Description on the argument/keywords used in the rule-string argument

Arguments/Keywords

Type

Function

Description

protocol

Protocol

type

Type of the

protocols

carried by IP

When expressed in

numerals, this argument

ranges from 1 to 255.
When expressed with a

name, the value can be

GRE, ICMP, IGMP, IP,

IPinIP, OSPF, TCP, and

UDP.