3com 5500-ei pwr Reference Guide

 

1-9 

# Apply rule 2 of user-defined ACL 5000 on Ethernet 1/0/3 to filter inbound packets. Here, it is assumed 

that the ACL and its rule numbered 2 are already configured. 

[Sysname] interface Ethernet 1/0/3 

[Sysname-Ethernet1/0/3] packet-filter inbound user-group 5000 rule 2 

[Sysname-Ethernet1/0/3] quit 

# Apply rule 1 of advanced ACL 3000 and rule 2 of Layer 2 ACL 4000 on Ethernet 1/0/4 to filter inbound 

packets. Here, it is assumed that the ACLs and their rules are already configured. 

[Sysname] interface Ethernet 1/0/4 

[Sysname-Ethernet1/0/4] packet-filter inbound ip-group 3000 rule 1 link-group 4000 rule 2 

After completing the above configuration, you can use the display packet-filter command to view 

information about packet filtering. 

packet-filter vlan vlan-id { inbound | outbound } acl-rule 

undo packet-filter vlan vlan-id { inbound | outbound } acl-rule 

System view 

vlan-id: VLAN ID.  

inbound: Specifies to filter packets received by the ports in the VLAN.  

outbound: Specifies to filter packets to be transmitted by the ports in the VLAN.  

acl-rule: ACL rules to be applied, which can be a combination of the rules of multiple ACLs, as 

.  

Use the packet-filter vlan command to apply ACL rules on ports in a VLAN to filter packets. 

Use the undo packet-filter vlan command to remove the application of ACL rules on ports of a VLAN.  

Note that the packet-filter vlan command applies the ACL rules on all ports in a VLAN, allowing you to 

apply ACL rules to multiple ports in one operation.  

# Apply all rules of basic ACL 2000 on all ports in VLAN 10 to filter inbound packets. Here, it is assumed 

that the ACL and its rules and the VLAN are already configured. 

<Sysname> system-view 

System View: return to User View with Ctrl+Z. 

[Sysname] packet-filter vlan 10 inbound ip-group 2000