3com 5500-ei pwr Instrução De Instalação

 

1-11 

number is 65534, however, the system will display an error message and you need to 

specify a number for the rule.  

z 

The content of a modified or created rule cannot be identical with the content of any 

existing rules; otherwise the rule modification or creation will fail, and the system 

prompts that the rule already exists.  

# Configure ACL 5000 to deny all TCP packets, provided that VLAN-VPN is not enabled on 

any port. In the ACL rule, 06 is the TCP protocol number, ff is the mask of the rule, and 27 

is the protocol field offset of an internally processed IP packet.  

<Sysname> system-view 

[Sysname] acl number 5000 

[Sysname-acl-user-5000] rule deny 06 ff 27 

# Display the configuration information of ACL 5000. 

[Sysname-acl-user-5000] display acl 5000 

User defined ACL  5000, 1 rule 

Acl's step is 1 

 rule 0 deny 06 ff 27 

By applying ACL rules on ports, you can filter packets on the corresponding ports. 

You need to define an ACL before applying it on a port. For information about defining an 

ACL, refer to 

, and 

Follow these steps to apply ACL rules on a port: 

Enter system view  

system-view 

— 

Enter Ethernet port 
view  

interface interface-type 
interface-number 

— 

Apply ACL rules on 
the port 

packet-filter { inbound | 
outbound } acl-rule 

Required  

For information about acl-rule, 
refer to ACL Commands. 

 

# Apply ACL 2000 on Ethernet 1/0/1 to filter inbound packets.  

<Sysname> system-view 

[Sysname] interface Ethernet 1/0/1