3Com 7700 Configuration Manual page 199
Hide thumbs
Also See for 7700:
- Configuration manual (390 pages) ,
- Installation manual (59 pages) ,
- Datasheet (8 pages)
Table of Contents
Advertisement
the packet priority to process the data packets. The advanced ACL supports the
analyses of three kinds of packet priorities, ToS (Type of Service), IP, and DSCP
priorities.
Perform the following configuration in designated view.
Table 5 Define Advanced ACL
Operation
Enter advanced ACL view (from
system view)
Add a sub-item to the ACL (from
advanced ACL view)
Delete a sub-item from the ACL
(from advanced ACL view)
Delete one ACL or all the ACL
(from system view)
The advanced ACL is identified with numbers ranging from 100 to 199.
Note that port1 and port2 in this command specify the TCP or UDP ports used by
various high-layer applications. For some common port numbers, you can use the
mnemonic symbols as shortcut. For example, "bgp" can represent the TCP
number 179 used by BGP.
Note: For some switches, the protocol type (the parameter protocol in the rule
command) cannot be configured if the user configures the IP-any rules ( the
source IP address is the host IP address, the destination address is the host IP
address or NET segment address in the rules). Otherwise, the system displays a
message that the configuration is not available.
Define Interface ACL
The rules of the interface ACL are defined on the basis of the packets' Layer-3
interface to analyze the data packets.
Perform the following configuration in the designated view.
Table 6 Define Interface ACL
Operation
Enter interface ACL view(from
system view)
Add a sub-item to the
ACL(from interface ACL view)
Delete a sub-item from the
ACL(from interface ACL view)
Delete one ACL or all the
ACL(from system view)
Command
acl { number acl-number | name acl-name advanced } [
match-order { config | auto } ]
rule [ rule-id ] { permit | deny } protocol [ source
source-addr source-wildcard | any ] [ destination
dest-addr dest-mask | any ] [ soure-port operator port1
[ port2 ] ] [ destination-port operator port1 [ port2 ] ] [
icmp-type icmp-type icmp-code ] [ established ] [
precedence precedence ] [ tos tos ] [ dscp dscp ] [
fragment ] [ time-range name ]
undo rule rule-id [ source ] [ destination ] [ soure-port
] [ destination-port ] [ precedence ] [ tos ] [ dscp ] [
fragment ] [ time-range ]
undo acl { number acl-number | name acl-name | all }
Command
acl { number acl-number | name acl-name interface } [
match-order { config | auto } ]
rule [ rule-id ] { permit | deny } [ interface { interface-name |
interface-type interface-num | any } ] [ time-range name ]
undo rule rule-id
undo acl { number acl-number | name acl-name | all }
Configuring ACL
191
Advertisement
Table of Contents
Troubleshooting
