Rule (In Advanced Ipv4 Acl View) - 3Com S7906E Command Reference Manual

than the current highest rule ID. For example, if the rule numbering step is 5 and the current highest
rule ID is 28, the next rule will be numbered 30.
You may use the display acl command to verify rules configured in an ACL. If the match order for
this ACL is auto, rules are displayed in the depth-first match order rather than by rule number.
For a basic IPv4 ACL rule to be referenced by a QoS policy for traffic classification, the logging and
vpn-instance keywords are not supported.
Examples
# Create a rule to deny packets with the source IP address 1.1.1.1.
<Sysname> system-view
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule deny source 1.1.1.1 0

rule (in advanced IPv4 ACL view)

Syntax
rule [ rule-id ] { deny | permit } protocol [ destination { dest-addr dest-wildcard | any } |
destination-port operator port1 [ port2 ] | dscp dscp | fragment | icmp-type { icmp-type icmp-code |
icmp-message } | logging | precedence precedence | reflective | source { sour-addr sour-wildcard |
any } | source-port operator port1 [ port2 ] | time-range time-range-name | tos tos | vpn-instance
vpn-instance-name ] *
undo rule rule-id [ destination | destination-port | dscp | fragment | icmp-type | logging |
precedence | reflective | source | source-port | time-range | tos | vpn-instance ] *
View
Advanced IPv4 ACL view
Default Level
2: System level
Parameters
rule-id: Advanced IPv4 ACL rule number in the range 0 to 65534.
deny: Defines a deny statement to drop matched packets.
permit: Defines a permit statement to allow matched packets to pass.
protocol: Protocol carried by IP. It can be a number in the range 0 to 255, or in words, gre (47), icmp (1),
igmp (2), ip, ipinip (4), ospf (89), tcp (6), udp (17).
1-12