3com MSR 20-20 참조 매뉴얼

l2: Sets the offset from the beginning of the Layer 2 frame header.

time-range time-name: Specifies the time range in which the rule can take effect. 
The time-name argument is a case-insensitive string of 1 to 32 characters. The 
name must begin with an English letter and cannot be all to avoid confusion.

rule-string: Defines a match pattern in hexadecimal format. Its length must be a 
multiple of two.

rule-mask: Defines a match pattern mask in hexadecimal format. Its length must 
be the same as that of the match pattern.

offset: The offset in bytes at which the match operation begins.

&<1-8>: Indicates that up to eight match patterns can be defined in the rule.

Use the rule command to create a user-defined IPv4 ACL rule.

Use the undo rule command to remove a user-defined ACL rule.

You will fail to create or modify a user-defined ACL rule if its permit/deny 
statement is exactly the same as another rule.

When defining user-defined ACL rules, you need not assign them IDs. The system 
can automatically assign rule IDs starting with 0 and increasing in rule numbering 
steps of five. A rule ID thus assigned is greater than the current highest rule ID. For 
example, if the current highest rule ID is 28, the next rule will be numbered 30. For 
detailed information about step, refer to “step (for IPv4)” on page 2100 and “step 
(for IPv6)” on page 2116.

You may use the display acl command to verify rules configured in an ACL.

n

# Create a user-defined ACL rule.

<Sysname> system-view

[Sysname] acl number 5005

[Sysname-acl-user-5005] rule 0 permit l2 0806 ffff 20 

rule rule-id comment text

undo rule rule-id comment

Basic IPv4 ACL view, advanced IPv4 ACL view, Ethernet frame header ACL view, 
user-defined ACL view

rule-id: IPv4 ACL rule number in the range 0 to 65534.