3com WX3000 Manuel D’Utilisation

 

1-7 

z 

If the ACL is created with the auto keyword specified, the newly created rules will be inserted in the 

existent ones by depth-first principle, but the numbers of the existent rules are unaltered.  

# Configure ACL 3000 to permit the TCP packets sourced from the network 129.9.0.0/16 and destined 

for the network 202.38.160.0/24 and with the destination port number being 80. 

<device> system-view 

[device] acl number 3000 

[device-acl-adv-3000] rule permit tcp source 129.9.0.0 0.0.255.255 destination 202.38.160.0 

0.0.0.255 destination-port eq 80 

# Display the configuration information of ACL 3000. 

[device-acl-adv-3000] display acl 3000 

Advanced ACL  3000, 1 rule 

Acl's step is 1 

 

rule 0 permit tcp source 129.9.0.0 0.0.255.255 destination 202.38.160.0 0.0.0.255 

destination-port eq www 

Layer 2 ACLs filter packets according to their Layer 2 information, such as the source and destination 

MAC addresses, VLAN priority, and Layer 2 protocol types. 

A Layer 2 ACL can be numbered from 4000 to 4999.  

z 

To configure a time range-based Layer 2 ACL rule, you need to create the corresponding time 

ranges first. For information about time range configuration, refer to 

. 

z 

The settings to be specified in the rule, such as source and destination MAC addresses, VLAN 

priorities, and Layer 2 protocol types, are determined. 

Follow these steps to define a Layer 2 ACL rule: 

Enter system view  

— 

Create a Layer 2 ACL 
and enter layer 2 ACL 
view 

acl number acl-number 

Required 

Define an ACL rule  

rule [ rule-id ] { permit | deny } 
rule-string 

Required 

For information about rule-string, 
refer to ACL Command. 

Assign a description 
string to the ACL rule  

rule rule-id comment text 

Optional  

No description by default 

Assign a description 
string to the ACL 

description text 

Optional  

No description by default