Rule (For Basic Acls) - H3C s3600 series Command Manual

Parameters
vlan-id: VLAN ID.
inbound: Specifies to filter packets received by the ports in the VLAN.
outbound: Specifies to filter packets to be transmitted by the ports in the VLAN.
acl-rule: ACL rules to be applied, which can be a combination of the rules of multiple ACLs, as described in Table 1-5.
Description
Use the packet-filter vlan command to apply ACL rules on ports in a VLAN to filter packets.
Use the undo packet-filter vlan command to remove the application of ACL rules on ports of a VLAN.
Note that the packet-filter vlan command applies the ACL rules on all ports in a VLAN, allowing you to
apply ACL rules to multiple ports in one operation.
Examples
# Apply all rules of basic ACL 2000 on all ports in VLAN 10 to filter inbound packets. Here, it is assumed
that the ACL and its rules and the VLAN are already configured.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] packet-filter vlan 10 inbound ip-group 2000
# Apply rule 1 of Layer 2 ACL 4000 on all ports in VLAN 20 to filter outbound packets. Here, it is
assumed that the ACL and its rule numbered 1 and the VLAN are already configured.
[Sysname] packet-filter vlan 20 outbound link-group 4000 rule 1
# Apply rule 2 of user-defined ACL 5000 on all ports in VLAN 30 to filter inbound packets. Here, it is
assumed that the ACL and its rule numbered 2 and the VLAN are already configured.
[Sysname] packet-filter vlan 30 inbound user-group 5000 rule 2
# Apply rule 1 of advanced ACL 3000 and rule 2 of Layer 2 ACL 4000 on all ports in VLAN 40 to filter
inbound packets. Here, it is assumed that the ACLs and their rules and the VLAN are already
configured.
[Sysname] packet-filter vlan 40 inbound ip-group 3000 rule 1 link-group 4000 rule 2
After completing the above configuration, you can use the display packet-filter command to view
information about packet filtering.
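The following config-review helper is an added example, not part of the H3C manual. It parses packet-filter vlan lines in the forms the four examples above show and lists the VLANs that have no filter applied in a given direction. The function names, the VLAN list, and the assumption that a saved configuration stores these lines in the same form are all assumptions.

```python
import re

# Grammar inferred only from the four examples on this page (assumption):
#   packet-filter vlan <vlan-id> {inbound|outbound} (<group> <acl> [rule <id>])+
# An optional "[Sysname]" style prompt in front of the command is tolerated.
LINE_RE = re.compile(
    r"^\s*(?:\[[^\]]+\]\s*)?packet-filter vlan (\d+) (inbound|outbound) (.+?)\s*$"
)
REF_RE = re.compile(r"(ip-group|link-group|user-group) (\d+)(?: rule (\d+))?")

def parse_packet_filters(text):
    """Return one dict per packet-filter vlan line found in text."""
    bindings = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # "undo ..." and unrelated lines are not matched
        vlan, direction, tail = m.groups()
        refs = [(g, int(acl), int(rule) if rule else None)
                for g, acl, rule in REF_RE.findall(tail)]
        # Keep anything the grammar above did not consume, so an
        # unrecognised form is reported instead of silently dropped.
        unparsed = REF_RE.sub("", tail).strip()
        bindings.append({"vlan": int(vlan), "direction": direction,
                         "refs": refs, "unparsed": unparsed})
    return bindings

def vlans_without_filter(bindings, vlans, direction):
    """VLANs from vlans with no ACL rule applied in the given direction."""
    covered = {b["vlan"] for b in bindings
               if b["direction"] == direction and b["refs"]}
    return [v for v in vlans if v not in covered]

# The four example commands from this page; the VLAN inventory is constructed.
SAMPLE = """\
[Sysname] packet-filter vlan 10 inbound ip-group 2000
[Sysname] packet-filter vlan 20 outbound link-group 4000 rule 1
[Sysname] packet-filter vlan 30 inbound user-group 5000 rule 2
[Sysname] packet-filter vlan 40 inbound ip-group 3000 rule 1 link-group 4000 rule 2
"""
INVENTORY = [10, 20, 30, 40, 50]  # constructed list of VLANs expected on the switch

if __name__ == "__main__":
    found = parse_packet_filters(SAMPLE)
    for b in found:
        print(b)
    print("no inbound filter:", vlans_without_filter(found, INVENTORY, "inbound"))
```

A rule of None in a reference means the whole ACL is applied, as in the VLAN 10 example.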

rule (for Basic ACLs)

Syntax
rule [ rule-id ] { deny | permit } [ rule-string ]
undo rule rule-id [ fragment | source | time-range ]*
View
Basic ACL view