Creating A User-Defined Acl - Huawei Quidway S3700 Series Configuration Manual
Hide thumbs
Also See for Quidway S3700 Series:
- Configuration manual (398 pages) ,
- Quick start manual (70 pages) ,
- Manual (69 pages)
Table of Contents
Advertisement
Quidway S3700 Series Ethernet Switches
Configuration Guide - Security
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
acl [ number ] acl-number
A layer 2 ACL is created based on the number.
Or, run:
acl name acl-name [ link | acl-number ]
A layer 2 ACL is created based on the name.
The value of a layer 2 ACL ranges from 4000 to 4999.
Step 3 Run:
rule [ rule-id ] { permit | deny } [ { ether-ii | 802.3 | snap } | l2-protocol type-
value [ type-mask ] | destination-mac dest-mac-address [ dest-mac-mask ] | source-
mac source-mac-address [ source-mac-mask ] | vlan-id vlan-id [ vlan-id-mask ] |
8021p 802.1p-value | cvlan-id cvlan-id [ cvlan-id-mask ] | cvlan-8021p 802.1p-
value | double-tag ]
An ACL rule is created.
----End
10.3.8 Creating a User-defined ACL
You can create a user-defined ACL to process data packets.
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
acl [ number ] acl-number
A user-defined ACL is created based on the number.
Or, run:
acl name acl-name [ user | acl-number ]
A user-defined ACL is created based on the name.
The value of a customized ACL ranges from 5000 to 5999.
Step 3 Run:
rule [ rule-id ] { deny | permit } [ [ l2-head | ipv4-head | ipv6-head | l4-head ]
{ rule-string rule-mask offset } &<1-8> ] [ time-range time-range-name ]
Issue 01 (2011-07-15)
*
[ time-range time-range-name ]
NOTE
The user-defined ACL is applicable to only incoming traffic.
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
10 ACL Configuration
230
Advertisement
Table of Contents
