Configuring user-defined acl, Configuration prerequisites, Configuration procedure – H3C Technologies H3C S3600 Series Switches User Manual

1-10

[Sysname-acl-ethernetframe-4000] rule deny cos 3 source 000d-88f5-97ed

ffff-ffff-ffff dest 0011-4301-991e ffff-ffff-ffff

# Display the configuration information of ACL 4000.

[Sysname-acl-ethernetframe-4000] display acl 4000

Ethernet frame ACL 4000, 1 rule

Acl's step is 1

rule 0 deny cos excellent-effort source 000d-88f5-97ed ffff-ffff-ffff des t

0011-4301-991e ffff-ffff-ffff

Configuring User-defined ACL

A user-defined ACL filters packets by comparing specific bytes in packet headers with

specified string.

A user-defined ACL can be numbered from 5000 to 5999.

Configuration prerequisites

To configure a time range-based user-defined ACL rule, you need to define the

corresponding time ranges first. For information about time range configuration, refer to

Configuring Time Range

.

Configuration procedure

Follow these steps to define a user-defined ACL rule:

To do...

Use the command...

Remarks

Enter system view

system-view

—

Create a user-defined
ACL and enter
user-defined ACL view

acl number acl-number

Required

Define an ACL rule

rule [ rule-id ] { permit | deny }
[ rule-string rule-mask offset ]
&<1-8> [ time-range
time-name ]

Required

For information about
rule-string, refer to ACL
Commands.

Define a comment for
the ACL rule

rule rule-id comment text

Optional

No description by default

Define a description for
the ACL

description text

Optional

No description by default