Description - H3C s3600 series Command Manual

Description

Use the acl command to define an ACL and enter the corresponding ACL view.
Use the undo acl command to remove all the rules of the specified ACL or all the ACLs.
By default, ACL rules are matched in the order they are defined.
Only after the rules in an existing ACL are fully removed can you modify the match order of the ACL.
In ACL view, you can use the rule command to add rules to the ACL.
Related commands: rule.
Examples
# Define ACL 2000 and specify "depth-first" as the match order.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 2000 match-order auto
[Sysname-acl-basic-2000]
# Add three rules with different numbers of zeros in the source wildcards.
[Sysname-acl-basic-2000] rule 1 permit source 1.1.1.1 0.255.255.255
[Sysname-acl-basic-2000] rule 2 permit source 2.2.2.2 0.0.255.255
[Sysname-acl-basic-2000] rule 3 permit source 3.3.3.3 0.0.0.255
# Use the display acl command to display the configuration information of ACL 2000.
[Sysname-acl-basic-2000] display acl 2000
Basic ACL 2000, 3 rules, match-order is auto
Acl's step is 1
rule 3 permit source 3.3.3.0 0.0.0.255
rule 2 permit source 2.2.0.0 0.0.255.255
rule 1 permit source 1.0.0.0 0.255.255.255
As shown in the output information, the switch sorts the rules of ACL 2000 in the depth-first order: a rule
with more zeros in the source IP address wildcard has a higher priority.
description
Syntax
description text
undo description
View
Basic ACL view, advanced ACL view, Layer 2 ACL view, user-defined ACL view
Parameters
text: Description string to be assigned to an ACL, a string of 1 to 127 characters. Blank spaces and
special characters are acceptable.
Description
Use the description command to assign a description string to an ACL.
Use the undo description to remove the description string of the ACL.
1-2