Assigning an ACL Globally
Configuration prerequisites
Before applying ACL rules to a VLAN, you need to define the related ACLs. For information about
defining an ACL, refer to section
Configuring Layer 2
Configure procedure
Table 1-5 Assign an ACL globally
Operation
Enter system view
Assign an ACL
globally
Configuration example
# Apply ACL 2000 globally to filter the inbound packets on all the ports.
<Sysname> system-view
[Sysname] packet-filter inbound ip-group 2000
Assigning an ACL to a VLAN
Configuration prerequisites
Before applying ACL rules to a VLAN, you need to define the related ACLs. For information about
defining an ACL, refer to section
Configuring Layer 2
Configuration procedure
Table 1-6 Assign an ACL to a VLAN
Operation
Enter system view
Apply an ACL to a VLAN
An ACL assigned to a VLAN takes effect only for the packets tagged with 802.1Q header. For more
information about 802.1Q header, refer to the VLAN part.
Configuring Basic
ACL.
Command
system-view
packet-filter inbound acl-rule
Configuring Basic
ACL.
Command
system-view
packet-filter vlan vlan-id
inbound acl-rule
ACL, section
Configuring Advanced
—
Required
For description on the acl-rule
argument, refer to ACL Command.
ACL, section
Configuring Advanced
—
Required
For description on the acl-rule argument,
refer to ACL Command.
1-9
ACL, section
Description
ACL, section
Description