3com 3031 Instruccion De Instalación

C

HAPTER

 58: ACL C

ONFIGURATION

In above rule entries, all entries are valid for non-first fragments. The first and the 
third entries are omitted for non-fragments and first fragment, only valid for 
non-first fragments.

ACL configuration includes:

■

Configure basic ACL

■

Configure advanced ACL

■

Configure interface-based ACL

■

Delete ACL

Perform the following configuration in system view.

For detailed introduction to parameters, refer to basic ACL.

Perform the following configuration in system view.

Table 881   Configuring basic ACL

Create a basic ACL, either 
name-typed or 
number-typed.

acl { number acl-number } [ match-order { 

Configure ACL rule in 
basic ACL view.

rule [ rule-id ] { permit | deny } [ source 

source-addr source-wildcard | any ] [ 

time-range time-name ] [ logging ] [ fragment ] 

[ vpn-instance vpn-instance-name ]

undo rule rule-id [ source ] [ time-range ] [ 

logging ] [ fragment ] [ vpn-instance 

vpn-instance-name ]

Table 882   Configuring advanced ACL

Create an advanced ACL, 
either name-typed or 
number-typed.

acl { number acl-number } [ match-order { 

Configure ACL rule in 
advanced ACL view.

rule [ rule-id ] { permit | deny } protocol 

 

[ source source-addr source-wildcard | any ] 

[ destination dest-addr dest-mask | any ] 

 

[ sourer-port operator port1 [ port2 ] ] 

 

[ destination-port operator port1 [ port2 ] 

] [ icmp-type icmp-type icmp-code ] 

 

[ precedence precedence ] [ tos tos ] 

 

[ time-range time-name ] [ logging ] 

 

vpn-instance-name ]

undo rule  rule-id [ source ] [ destination ] 

[ sourer-port ] [ destination-port ] [ 

icmp-type ] [ precedence ] [ tos ] [ 

time-range ] [ logging ] [ fragment ] [ 

vpn-instance vpn-instance-name ]