3Com S7906E Configuration Manual page 2039

To do...
Set a rule numbering
step
Create an IPv4 ACL
description
Create a rule description
Note that:
You can only modify the existing rules of an ACL that uses the match order of config. When
modifying a rule of such an ACL, you may choose to change just some of the settings, in which
case the other settings remain the same.
You cannot create a rule with, or modify a rule to have, the same permit/deny statement as an
existing rule in the ACL.
When the ACL match order is auto, a newly created rule will be inserted among the existing rules in
the depth-first match order. Note that the IDs of the rules still remain the same.
You can modify the match order of an ACL with the acl number acl-number [ name acl-name ]
match-order { auto | config } command but only when it does not contain any rules.
The rule specified in the rule comment command must have existed.
Configuration Examples
# Create IPv4 ACL 3000, permitting TCP packets with port number 80 sent from 129.9.0.0 to
202.38.160.0 to pass.
<Sysname> system-view
[Sysname] acl number 3000
[Sysname-acl-adv-3000] rule permit tcp source 129.9.0.0 0.0.255.255 destination 202.38.160.0
0.0.0.255 destination-port eq 80
# Verify the configuration.
[Sysname-acl-adv-3000] display acl 3000
Advanced ACL 3000, named -none-, 1 rule,
ACL's step is 5
rule 0 permit tcp source 129.9.0.0 0.0.255.255 destination 202.38.160.0 0.0.0.255
destination-port eq www
Use the command...
step step-value
description text
rule rule-id comment text
2-5
Remarks
Optional
The default step is 5.
Optional
By default, no IPv4 ACL
description is present.
Optional
By default, no rule description
is present.