Configuration procedure
Table 1-8 Apply an ACL to a port
Operation
Enter system view
Enter Ethernet port view
Apply an ACL to the port
You cannot assign an ACL to a member port of a port group.
Configuration example
# Apply ACL 2000 to GigabitEthernet 1/0/1 to filter the inbound packets.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/0/1
[Sysname-GigabitEthernet1/0/1] packet-filter inbound ip-group 2000
Displaying ACL Configuration
After the above configuration, you can execute the display commands in any view to view the ACL
running information and verify the configuration.
Table 1-9 Display ACL configuration
Operation
Display a configured ACL or
all the ACLs
Display a time range or all
the time ranges
Display the information
about packet filtering
Display the information
about remaining ACL
resources
Command
system-view
interface interface-type
interface-number
packet-filter inbound acl-rule
Command
display acl { all | acl-number }
display time-range { all | time-name }
display packet-filter { global | interface
interface-type interface-number | port-group
[ group-id ] | unitid unit-id | vlan [ vlan-id ] }
display acl remaining entry
1-11
Description
—
—
Required
For description on the acl-rule
argument, refer to ACL
Command.
Description
In any view.