3com 8807 User Guide

VLAN-ACL is VLAN-based ACL. You can configure QACL for a VLAN to control 
accesses made to all ports in the VLAN.

VLAN-ACL enables you to manage a network in an easier way. After you configure 
QACL for a VLAN, the system synchronizes the configuration to all member ports 
in the VLAN automatically. Therefore you need not to configure QACL for every 
port.

The VLAN for which you configure QACL must meet the following requirements:

■

The VLAN has member ports.

■

The VLAN has no MPLS intermixing ports.

■

The default flow template is applied to ports in the VLAN.

Table 183   Configure a VLAN-ACL

Enter system view 

system-view 

- 

Create an ACL and 
enter the 
corresponding view 

acl { number acl-number | name acl-name [ 
advanced | basic ] } [ match-order { config | 
auto } ] 

Only basic or advanced 
ACL and the rules are 
applicable to 
VLAN-ACL. 

Define a rule 

rule 

Required 

Quit ACL view 

quit 

- 

Enter VLAN view 

vlan vlan-id 

VLAN-ACL is prohibited 
from being applied to 
the VLAN containing 
MPLS intermixing ports. 

Configure packet 
filtering (activating 
ACLs) 

packet-filter inbound ip-group { 
acl-number | acl-name } [ rule rule [ 
system-index index ] ] 

Optional 

Configure traffic 
policing 

traffic-limit inbound ip-group { acl-number 
| acl-name } [ rule rule [ system-index index ] 
] [ tc-index index ] { traffic-index 
traffic-index | cir cbs ebs [ pir ] } { conform { 
remark-cos | remark-policed-service } | 
exceed { forward | drop } }* 

Optional