H3C s3600 series Command Manual page 743
Hide thumbs
Also See for s3600 series:
- Operation manual (966 pages) ,
- Installation manual (98 pages) ,
- Command manual (92 pages)
Table of Contents
Advertisement
rule-mask: User-defined mask of the ACL rule. It must be an even hexadecimal number containing 2 to
160 hexadecimal numerals and be of the same length as that of the rule-string argument. This
argument is used to perform the logical AND operations with packets.
offset: Mask offset of the rule. It specifies a position in packets, from which the logical AND operation is
to be performed. It ranges from 0 to 79 (in bytes).
Note that:
The maximum value of the mask offset of the rule becomes one byte less when the rule-string
argument has two more hexadecimal numerals. For example, when the rule-string contains two
hexadecimal numerals, the maximum value of offset is 79 bytes; when the rule-string contains four
hexadecimal numerals, the maximum value of offset is 78 bytes, and so on.
The valid length of the mask offset is 128 hexadecimal numerals (64 bytes). For example, assume
that you specify a rule string of aa and set its offset to 2. If you continue to specify a rule string of bb,
its offset must be in the range from 3 to 65 bytes. If you set the offset of the rule string aa to 3, the
offset of the rule string bb must be in the range of 4 to 66 bytes, and so on. However, the offset of
the rule string bb cannot be greater than 79 bytes.
As shown in
of a user-defined string into multiple offset units, each of which is 4–byte long. Available offset units
fall into eight groups, which are numbered from Offset1 to Offset8.
With the S3600 series, a user-defined rule string may or may not contain spaces and can be up to
32 bytes in length. It can occupy up to eight mask offset units and any two of the offset units cannot
belong to the same offset group. Otherwise, the ACL cannot be applied successfully.
Table 1-16 Offset units of a user-defined rule string
Offset1
Offset2
0 to 3
4 to 7
2 to 5
6 to 9
6 to 9
10 to 13
12 to 15
16 to 19
20 to 23
24 to 27
30 to 33
34 to 37
42 to 45
46 to 49
56 to 59
60 to 63
&<1-8>: At most eight rules can be defined at one time.
time-range time-name: Specifies a time range within which the ACL rule is valid.
Description
Use the rule command to define an ACL rule.
Use the undo rule command to remove an ACL rule.
To remove an ACL rule using the undo rule command, you need to provide the ID of the ACL rule. You
can obtain the ID of an ACL rule by using the display acl command.
Note that:
Table
1-16, the hardware rule of the S3600 series logically divides the rule mask offset
Offset3
8 to 11
12 to 15
10 to 13
14 to 17
14 to 17
18 to 21
20 to 23
24 to 27
28 to 31
32 to 35
38 to 41
42 to 45
50 to 53
54 to 57
64 to 67
68 to 71
Offset unit
Offset4
Offset5
16 to 19
18 to 21
22 to 25
28 to 31
36 to 39
46 to 49
58 to 61
72 to 75
1-21
Offset6
Offset7
20 to 23
24 to 27
22 to 25
26 to 29
26 to 29
30 to 33
32 to 35
36 to 39
40 to 43
44 to 47
50 to 53
54 to 57
62 to 65
66 to 69
76 to 79
0 to 3
Offset8
28 to 31
30 to 33
34 to 37
40 to 43
48 to 51
58 to 61
70 to 73
4 to 7
- Quick Links:
- Login
- Reset Saved-Configuration
Hide quick links:
Advertisement
Chapters
Table of Contents
