Acl Commands; Acl - HPE FlexFabric 5940 Series Command Reference Manual

ACL commands

acl

Use acl to create an ACL and enter its view, or enter the view of an existing ACL.
Use undo acl to delete the specified or all ACLs.
Syntax
acl [ ipv6 ] { advanced | basic } { acl-number | name acl-name } [ match-order { auto | config } ]
acl mac { acl-number | name acl-name } [ match-order { auto | config } ]
undo acl [ ipv6 ] { all | { advanced | basic } { acl-number | name acl-name } }
undo acl mac { all | acl-number | name acl-name }
Default
No ACLs exist.
Views
System view
Predefined user roles
network-admin
Parameters
ipv6: Specifies the IPv6 ACL type. To specify the IPv4 ACL type, do not use this keyword.
basic: Specifies the basic ACL type.
advanced: Specifies the advanced ACL type.
mac: Specifies the Layer 2 ACL type.
number acl-number: Assigns a number to the ACL.
•
2000 to 2999 for basic ACLs.
•
3000 to 3999 for advanced ACLs.
•
4000 to 4999 for Layer 2 ACLs.
name acl-name: Assigns a name to the ACL. The acl-name argument is a case-insensitive string of
1 to 63 characters. It must start with an English letter and to avoid confusion, it cannot be all.
match-order: Specifies the order in which ACL rules are compared against packets.
•
auto: Compares ACL rules in depth-first order.
•
config: Compares ACL rules in ascending order of rule ID. The rule with a smaller ID has a
higher priority. If you do not specify a match order, the config order applies by default.
all: Specifies all ACLs of the specified type.
Usage guidelines
You can change the match order only for ACLs that do not contain any rules.
Matching packets are forwarded through slow forwarding if an ACL rule contains match criteria or
has functions enabled in addition to the following match criteria and functions:
•
Source and destination IP addresses.
•
Source and destination ports.
•
Transport layer protocol.
1