Applying An Acl For Packet Filtering - H3C S5120-EI Series Configuration Manual

To do...
Enter system view
Copy an existing IPv4 ACL to
create a new IPv4 ACL
Copying an IPv6 ACL
Follow these steps to copy an IPv6 ACL:
To do...
Enter system view
Copy an existing IPv6 ACL to
generate a new one of the same
category
The generated ACL does not take the name of the source ACL.

Applying an ACL for Packet Filtering

You can apply an ACL to filter incoming IPv4 or IPv6 packets.
Configure an interval for generating and outputting packet filtering logs. The log information includes
the number of matching packets and the ACL rules used in an interval.
ACLs on VLAN interfaces filter only packets forwarded at Layer 3.
The system logs only traffic for basic and advanced ACL rules that have the logging keyword.
The packet filtering logs are sent with the informational severity level to the information center. For
information about the information center, see Information Center Configuration in the Network
Management and Monitoring Configuration Guide.
Applying an IPv4 ACL for Packet Filtering
Follow these steps to apply an IPv4 ACL for packets filtering:
Use the command...
system-view
acl copy { source-acl-number |
name source-acl-name } to
{ dest-acl-number | name
dest-acl-name }
Use the command...
system-view
acl ipv6 copy
{ source-acl6-number | name
source-acl6-name } to
{ dest-acl6-number | name
dest-acl6-name }
1-14
Remarks
—
Required
Remarks
—
Required