H3C S5120-SI Series Command Reference Manual page 582
Hide thumbs
Also See for S5120-SI Series:
- Configuration manual (745 pages) ,
- Operation manual (697 pages) ,
- Command reference manual (209 pages)
Table of Contents
Advertisement
undo rule rule-id [ { established | { ack | fin | psh | rst | syn | urg } * } | destination | destination-port
| dscp | fragment | icmp-type | logging | precedence | reflective | source | source-port |
time-range | tos ] *
View
Advanced ACL view
Default Level
2: System level
Parameters
rule-id: Specifies a rule ID, which ranges from 0 to 65534. If no rule ID is not provided when you create
an ACL rule, the system automatically assigns it a rule ID. This rule ID takes the nearest higher multiple
of the numbering step to the current highest rule ID, starting from 0. For example, if the rule numbering
step is 5 and the current highest rule ID is 28, the rule is numbered 30.
deny: Drops matching packets.
permit: Allows matching packets to pass.
protocol: Protocol carried by IPv4. It can be a number in the range 0 to 255, or in words, gre (47), icmp
(1), igmp (2), ip, ipinip (4), ospf (89), tcp (6), or udp (17).
be specified after the protocol argument.
Table 1-4 Match criteria and other rule information for advanced ACL rules
Parameters
source { sour-addr
sour-wildcard | any }
destination { dest-addr
dest-wildcard | any }
precedence precedence
tos tos
dscp dscp
Function
Specifies a source
address.
Specifies a destination
address.
Specifies an IP
precedence value.
Specifies a ToS
preference.
Specifies a DSCP priority.
1-9
Table 1-4
describes the parameters that can
Description
The sour-addr sour-wildcard arguments
represent a source IP address in dotted
decimal notation. An all-zero wildcard
specifies a host address.
The any keyword specifies any source IP
address.
The dest-addr dest-wildcard arguments
represent a destination IP address in
dotted decimal notation. An all-zero
wildcard specifies a host address.
The any keyword represents any
destination IP address.
The precedence argument can be a
number in the range 0 to 7, or in words,
routine (0), priority (1), immediate (2),
flash (3), flash-override (4), critical (5),
internet (6), or network (7).
The tos argument can be a number in the
range 0 to 15, or in words, max-reliability
(2), max-throughput (4), min-delay (8),
min-monetary-cost (1), or normal (0).
The dscp argument can be a number in the
range 0 to 63, or in words, af11 (10), af12
(12), af13 (14), af21 (18), af22 (20), af23
(22), af31 (26), af32 (28), af33 (30), af41
(34), af42 (36), af43 (38), cs1 (8), cs2 (16),
cs3 (24), cs4 (32), cs5 (40), cs6 (48), cs7
(56), default (0), or ef (46).
Advertisement
Chapters
Table of Contents
