Configuring an IPv4 basic ACL
IPv4 basic ACLs match packets based only on source IP addresses.
To configure an IPv4 basic ACL:
Step
1.
Enter system view.
2.
Create an IPv4 basic ACL and
enter its view.
3.
(Optional.) Configure a
description for the IPv4 basic
ACL.
4.
(Optional.) Set the rule
numbering step.
5.
Create or edit a rule.
6.
(Optional.) Add or edit a rule
comment.
Configuring an IPv6 basic ACL
IPv6 basic ACLs match packets based only on source IP addresses.
To configure an IPv6 basic ACL:
Step
Enter system view.
1.
2.
Create an IPv6 basic ACL
view and enter its view.
3.
(Optional.) Configure a
description for the IPv6 basic
ACL.
4.
(Optional.) Set the rule
numbering step.
Command
system-view
acl number acl-number [ name
acl-name ] [ match-order { auto |
config } ]
description text
step step-value
rule [ rule-id ] { deny | permit }
[ counting | fragment | logging |
source { source-address
source-wildcard | any } |
time-range time-range-name |
vpn-instance vpn-instance-name ] *
rule rule-id comment text
Command
system-view
acl ipv6 number acl-number
[ name acl-name ] [ match-order
{ auto | config } ]
description text
step step-value
8
Remarks
N/A
By default, no ACL exists.
IPv4 basic ACLs are numbered in
the range of 2000 to 2999.
You can use the acl name acl-name
command to enter the view of a
named ACL.
By default, an IPv4 basic ACL has
no ACL description.
The default setting is 5.
By default, an IPv4 basic ACL does
not contain any rule.
The logging keyword takes effect
only when the module (for
example, packet filtering) that uses
the ACL supports logging.
By default, no rule comments are
configured.
Remarks
N/A
By default, no ACL exists.
IPv6 basic ACLs are numbered in
the range of 2000 to 2999.
You can use the acl ipv6 name
acl-name command to enter the
view of a named ACL.
By default, an IPv6 basic ACL has
no ACL description.
The default setting is 5.