Command Manual (For Soliton) – ACL
H3C S3100 Series Ethernet Switches
Chapter 1 ACL Configuration Commands
1-14
After completing the above configuration, you can use the
display acl
command to
view the configuration information of the ACLs.
1.1.12 rule (for Advanced ACLs)
Syntax
rule
[
rule-id
] {
deny
|
permit
}
protocol
[
rule-string
]
undo
rule
rule-id
[
destination
|
destination-port
|
dscp
|
fragment
|
icmp-type
|
precedence
|
source
|
source-port
|
time-range
|
tos
]*
View
Advanced ACL view
Parameters
I. Parameters of the rule command
rule-id
: ACL rule ID, in the range of 0 to 65534.
deny
: Drops the matched packets.
permit
: Permits the matched packets.
protocol
: Protocol carried by IP. When the protocol is represented by numeral, it ranges
from 1 to 255; when the protocol is represented by name, it can be
gre
(47),
icmp
(1),
igmp
(2),
ip
,
ipinip
(4),
ospf
(89),
tcp
(6), and
udp
(17).
rule-string
: ACL rule information, which can be a combination of the parameters
described in
Table 1-7
.
Table 1-7
Arguments/keywords available to the
rule-string
argument
Arguments/Keyw
ords
Type
Function
Description
source
{
sour-addr
sour-wildcard
|
any
}
Source
address
Specifies the
source
address
information for
the ACL rule
The
sour-addr sour-wildcard
arguments specify the source
address of the packets,
expressed in dotted decimal
notation. You can specify the
IP address of a host as the
source address by providing 0
for the
sour-wildcard
argument.
The
any
keyword specifies any
source address.