3com S7906E 安装指导
2-7
z
You can modify the match order of an ACL with the acl number acl-number [ name acl-name ]
match-order { auto | config } command but only when it does not contain any rules.
z
The rule specified in the rule comment command must have existed.
Configuration Examples
# Create ACL 4000 to deny frames with the 802.1p priority of 3.
<Sysname> system-view
[Sysname] acl number 4000
[Sysname-acl-ethernetframe-4000] rule deny cos 3
# Verify the configuration.
[Sysname-acl-ethernetframe-4000] display acl 4000
Ethernet frame ACL 4000, named -none-, 1 rule,
ACL's step is 5
rule 0 deny cos excellent-effort
Copying an IPv4 ACL
This feature allows you to copy an existent IPv4 ACL to generate a new one, which is of the same type
and has the same match order, match rules, rule numbering step and descriptions as the source IPv4
ACL.
Configuration Prerequisites
Make sure that the source IPv4 ACL exists while the destination IPv4 ACL does not.
Configuration Procedure
Follow these steps to copy an IPv4 ACL:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Copy an existing IPv4 ACL to
generate a new one of the
same type
generate a new one of the
same type
acl copy { source-acl-number | name
source-acl-name } to { dest-acl-number | name
dest-acl-name }
source-acl-name } to { dest-acl-number | name
dest-acl-name }
Required
z
The source IPv4 ACL and the destination IPv4 ACL must be of the same type.
z
The generated ACL does not take the name of the source IPv4 ACL.