Table of Contents
Advertisement
For a basic IPv4 ACL rule to be referenced by a QoS policy for traffic classification, the logging
keyword is not supported.
Related commands: display acl.
Examples
# Create a rule to deny packets with the source IP address 1.1.1.1.
<Sysname> system-view
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule deny source 1.1.1.1 0
rule (advanced IPv4 ACL view)
Syntax
rule [ rule-id ] { deny | permit } protocol [ { established | { ack ack-value | fin fin-value | psh psh-value
| rst rst-value | syn syn-value | urg urg-value } * } | destination { dest-addr dest-wildcard | any } |
destination-port operator port1 [ port2 ] | dscp dscp | fragment | icmp-type { icmp-type icmp-code |
icmp-message } | logging | precedence precedence | reflective | source { sour-addr sour-wildcard |
any } | source-port operator port1 [ port2 ] | time-range time-range-name | tos tos | vpn-instance
vpn-instance-name ] *
undo rule rule-id [ { established | { ack | fin | psh | rst | syn | urg } * } | destination |
destination-port | dscp | fragment | icmp-type | logging | precedence | reflective | source |
source-port | time-range | tos | vpn-instance ] *
View
Advanced IPv4 ACL view
Default Level
2: System level
Parameters
rule-id: Advanced IPv4 ACL rule number, in the range 0 to 65534.
deny: Drops matched packets.
permit: Allows matched packets to pass.
protocol: Protocol carried by IP. It can be a number in the range 0 to 255, or in words, gre (47), icmp
(1), igmp (2), ip, ipinip (4), ospf (89), tcp (6), or udp (17).
be specified after the protocol argument.
Table 14-4
14-12
shows the parameters that can
Advertisement
Chapters
Table of Contents
