Rule (For Advanced Acls) - H3C s3100 series Command Manual
Hide thumbs
Also See for s3100 series:
- Command manual (1244 pages) ,
- Operation manual (1057 pages) ,
- Installation manual (94 pages)
Table of Contents
Advertisement
rule (for Advanced ACLs)
Syntax
rule [ rule-id ] { deny | permit } protocol [ rule-string ]
undo rule rule-id [ destination | destination-port | dscp | fragment | icmp-type | precedence |
source | source-port | time-range | tos ]*
View
Advanced ACL view
Parameters
Parameters of the rule command
rule-id: ACL rule ID, in the range of 0 to 65534.
deny: Drops the matched packets.
permit: Permits the matched packets.
protocol: Protocol carried by IP. When the protocol is represented by numeral, it ranges from 1 to 255;
when the protocol is represented by name, it can be gre (47), icmp (1), igmp (2), ip, ipinip (4), ospf
(89), tcp (6), and udp (17).
rule-string: ACL rule information, which can be a combination of the parameters described in
Table 1-7 Arguments/keywords available to the rule-string argument
Arguments/Keywords
source { sour-addr
sour-wildcard | any }
destination { dest-addr
dest-wildcard | any }
precedence
precedence
tos tos
dscp dscp
Type
Function
Specifies the
Source
source address
address
information for
the ACL rule
Specifies the
destination
Destination
address
address
information for
the ACL rule
Packet
Specifies an IP
priority
precedence.
Packet
Specifies a ToS
priority
preference.
Packet
Specifies a
priority
DSCP priority.
1-13
Description
The sour-addr sour-wildcard
arguments specify the source
address of the packets, expressed in
dotted decimal notation. You can
specify the IP address of a host as the
source address by providing 0 for the
sour-wildcard argument.
The any keyword specifies any
source address.
The dest-addr dest-wildcard
arguments specify the destination
address of the packets, expressed in
dotted decimal notation. You can
specify the IP address of a host as the
destination address by providing 0 for
the dest-wildcard argument.
The any keyword specifies any
destination address.
The precedence argument can be a
number in the range 0 to 7.
The tos argument can be a number in
the range 0 to 15.
The dscp argument can be a number
in the range 0 to 63.
Table
1-7.
- Quick Links:
- Cli Configuration Commands
- Login
Hide quick links:
Advertisement
Chapters
Table of Contents
