Command Manual (For Soliton) – ACL
H3C S3100 Series Ethernet Switches
Chapter 1 ACL Configuration Commands
1-11
inbound
: Specifies to filter packets received by the ports in the VLAN.
acl-rule
: ACL rules to be applied, which can be a combination of the rules of multiple
ACLs, as described in
Table 1-5
.
Description
Use the
packet-filter vlan
command to apply ACL rules to a VLAN to filter packets.
Use the
undo packet-filter vlan
command to remove the application of ACL rules to a
VLAN.
When you need to apply an ACL to all ports in a VLAN, you can use the
packet-filter
vlan
command to achieve the goal in one operation.
Note:
An ACL assigned to a VLAN takes effect only for the packets tagged with 802.1Q
header. For more information about 802.1Q header, refer to the VLAN part.
Examples
# Apply all rules of basic ACL 2000 to VLAN 10 to make all ports in VLAN 10 filter
inbound packets. Here, it is assumed that the ACL and its rules and the VLAN are
already configured.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] packet-filter vlan 10 inbound ip-group 2000
After completing the above configuration, you can use the
display packet-filter
command to view information about packet filtering.
1.1.11 rule (for Basic ACLs)
Syntax
rule
[
rule-id
] {
deny
|
permit
} [
rule-string
]
undo
rule
rule-id
[
fragment
|
source
|
time-range
]*
View
Basic ACL view
Parameters
I. Parameters of the rule command
rule-id
: ACL rule ID, in the range of 0 to 65534.