Huawei Quidway S5600 Series Operation Manual page 703
Hide thumbs
Also See for Quidway S5600 Series:
- Specifications (9 pages) ,
- Installation manual (73 pages)
Table of Contents
Advertisement
Operation Manual – ACL
Quidway S5600 Series Ethernet Switches-Release 1510
1.6 Defining User-Defined ACLs
Using a byte, which is specified through its offset from the packet header, in the packet
as the starting point, user-defined ACLs perform logical AND operations on packets
and compare the extracted string with the user-defined string to find the matching
packets for processing.
User-defined ACL numbers range from 5000 to 5999.
1.6.1 Configuration Preparation
To configure a time range-based ACL rule, you need first to define the corresponding
time range, as described in section 1.2 "Configuring Time Ranges".
1.6.2 Configuration Procedure
Table 1-13 Define a user-defined ACL rule
Operation
Enter system view
Create
user-defined
view
Define an ACL rule
Define
description for the
ACL rule
Define a comment
string for the ACL
rule
Display
information
Note:
For the user-defined ACL rules, if you set to match the fields after the VLAN tag, two
VLAN tags are added for matching of either tagged or untagged packets. For the
packets with their type filed as 0800, the offset value should be 20.
When you specify the rule ID by using the rule command, note that:
Command
system-view
or
enter
ACL
acl number acl-number
rule [ rule-id ] { permit |
deny } [ rule-string rule-mask
offset ] &<1-8> [ time-range
name ]
the
description text
rule rule-id comment text
ACL
display acl { all |
acl-number }
Huawei Technologies Proprietary
—
Required
Required
Optional
Optional
Optional
This
executed in any view.
1-15
Chapter 1 ACL Configuration
Description
command
can
be
- Quick Links:
- Chapter 3 Product Overview
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
