Configuring An Advanced Acl - Huawei Quidway S9300 Configuration Manual
Terabit routing switch v100r001c03
Hide thumbs
Also See for Quidway S9300:
- Configuration manual - network management (630 pages) ,
- Configuration manual (603 pages) ,
- Configuration manual - multicast (262 pages)
Table of Contents
Advertisement
8 ACL Configuration
Context
Do as follows on the S9300.
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
acl [ number ] acl-number [ match-order { auto | config } ]
A basic ACL is created.
To create a basic ACL, you can set the value of acl-number ranging from 2000 to 2999.
match-order indicates the match order of ACL rules.
l
l
If match-order is not used, the match order is config.
Step 3 Run:
rule [ rule-id ] { deny | permit } [ fragment | source { source-address source-
wildcard | any } | time-range time-name ]
An ACL rule is created.
----End
8.3.6 Configuring an Advanced ACL
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
acl [ number ] acl-number [ match-order { auto | config } ]
An advanced ACL is created.
To create an advanced ACL, the value of acl-number ranges from 3000 to 3999.
match-order indicates the match order of ACL rules.
l
l
If match-order is not used, the match order is config.
Step 3 Run the following command as required:
l
8-6
auto: indicates that the ACL rules are matched on the basis of depth first principle.
config: indicates that the rules are matched on the basis of the configuration order.
auto: indicates that the ACL rules are matched on the basis of depth first principle.
config: indicates that the rules are matched on the basis of the configuration order.
When protocol is specified as the Transmission Control Protocol (TCP) or the User Datagram
Protocol (UDP), run:
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
Quidway S9300 Terabit Routing Switch
Configuration Guide - Security
*
Issue 01 (2009-07-28)
Advertisement
Table of Contents
