Huawei Quidway S3900 series Command Manual page 737
Hide thumbs
Also See for Quidway S3900 series:
- Specifications (9 pages) ,
- Installation manual (95 pages) ,
- Operation manual (955 pages)
Table of Contents
Advertisement
Command Manual – ACL
Quidway S3900 Series Ethernet Switches-Release 1510
rule-mask: User-defined mask of the rule. It is used to perform the logical AND
operations with packets and must be an even number containing 2 to 160 hexadecimal
characters. Note that its length must be the same with that of rule-string.
offset: Mask offset of the rule. It specifies a byte, through its offset from the packet
header, in the packet as the starting point to perform logical AND operations. It ranges
from 0 to 79 bytes, and the maximum value becomes one byte less when the value of
rule-string (and rule-mask) has two more characters. For example, when rule-string
and rule-mask contains two characters respectively, the maximum value of offset is 79
bytes; when the former contains four characters respectively, the maximum value of
offset is 78 bytes, and so on.
Note:
Take the following into consideration when configuring the offset parameter:
The packets processed by the switch have VLAN tags. One VLAN tag occupies 4
bytes.
If VLAN VPN is disabled, the packets processed by the switch have 4 bytes of
VLAN tag.
If VLAN VPN is enabled, a 4 bytes of VLAN tag is added to the packets that the
switch receives. The packets will have two VALN tags no matter the received
packets have VLAN tag or not.
&<1-8>: At most eight rules can be defined at one time.
time-range time-name: Specifies a time range within which the rule is valid.
Description
Use the rule command to define an ACL rule.
Use the undo rule command to delete an ACL rule or the attribute information of an
ACL rule.
Note:
For the user-defined ACL rules, if you set to match the fields after the VLAN tag, two
VLAN tags are added for matching of either tagged or untagged packets. For the
packets with their type filed as 0800, the offset value should be 20.
Before you can delete a rule, you need to specify the rule ID. If you do not know the
rule ID, you can view it by the display acl command.
In the case that you specify the rule ID when defining a rule:
Huawei Technologies Proprietary
1-17
Chapter 1 ACL Commands
- Quick Links:
- Cli Configuration Commands
Hide quick links:
Advertisement
Chapters
Table of Contents
