Use The Command; Interface-Number; Applying Acl Rules On Ports - 3Com 5500-EI PWR Install Manual


number is 65534, however, the system will display an error message and you need to
specify a number for the rule.
The content of a modified or created rule cannot be identical to the content of any
existing rule; otherwise the rule modification or creation fails, and the system
prompts that the rule already exists.
Configuration example
# Configure ACL 5000 to deny all TCP packets, provided that VLAN-VPN is not enabled on
any port. In the ACL rule, 06 is the TCP protocol number, ff is the mask of the rule, and 27
is the protocol field offset of an internally processed IP packet.
<Sysname> system-view
[Sysname] acl number 5000
[Sysname-acl-user-5000] rule deny 06 ff 27
# Display the configuration information of ACL 5000.
[Sysname-acl-user-5000] display acl 5000
User defined ACL 5000, 1 rule
Acl's step is 1
rule 0 deny 06 ff 27

Applying ACL Rules on Ports

By applying ACL rules on ports, you can filter packets on the corresponding ports.
Configuration prerequisites
You need to define an ACL before applying it on a port. For information about defining an
ACL, refer to Configuring Basic ACL, Configuring Advanced ACL, Configuring Layer 2 ACL, and
Configuring User-defined ACL.
Configuration procedure
Follow these steps to apply ACL rules on a port:

To do...                       Use the command...                               Remarks
Enter system view              system-view
Enter Ethernet port view       interface interface-type interface-number
Apply ACL rules on the port    packet-filter { inbound | outbound } acl-rule    Required. For information about acl-rule, refer to ACL Commands.

Configuration example
# Apply ACL 2000 on Ethernet 1/0/1 to filter inbound packets.
<Sysname> system-view
[Sysname] interface Ethernet 1/0/1
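
Added example (not from the 3Com manual): a Python model of how the user-defined rule "rule deny 06 ff 27" from the ACL 5000 example is evaluated, showing why that rule depends on VLAN-VPN not being enabled. The names parse_rule, matches and build_frame, the reading of the offset as a decimal byte offset, and the frame layouts (one 4-byte VLAN tag in the internally processed packet, a second tag standing in for VLAN-VPN) are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class UserRule:
    action: str     # "deny" or "permit"
    pattern: bytes  # rule string, e.g. 06
    mask: bytes     # rule mask, e.g. ff
    offset: int     # byte offset (assumed decimal) into the packet

def parse_rule(text: str) -> UserRule:
    """Parse the page's syntax: rule <action> <rule-string> <mask> <offset>."""
    keyword, action, pattern, mask, offset = text.split()
    if keyword != "rule" or action not in ("deny", "permit"):
        raise ValueError(f"unsupported rule: {text!r}")
    p, m = bytes.fromhex(pattern), bytes.fromhex(mask)
    if len(p) != len(m):
        raise ValueError("rule string and mask must have the same length")
    return UserRule(action, p, m, int(offset))

def matches(rule: UserRule, frame: bytes) -> bool:
    """True when the masked bytes at rule.offset equal the masked rule string."""
    window = frame[rule.offset:rule.offset + len(rule.pattern)]
    if len(window) < len(rule.pattern):
        return False  # frame too short to contain the field
    return all((b & m) == (p & m)
               for b, p, m in zip(window, rule.pattern, rule.mask))

def build_frame(ip_proto: int, tags: int) -> bytes:
    """Constructed sample: MACs, `tags` 4-byte VLAN tags, EtherType, IPv4 header."""
    ip = bytearray(20)
    ip[0], ip[9] = 0x45, ip_proto  # version/IHL and protocol field
    return (bytes(12) + bytes.fromhex("81000001") * tags
            + bytes.fromhex("0800") + bytes(ip))

if __name__ == "__main__":
    rule = parse_rule("rule deny 06 ff 27")
    for label, frame in [("TCP, one tag", build_frame(6, 1)),
                         ("UDP, one tag", build_frame(17, 1)),
                         ("TCP, two tags", build_frame(6, 2))]:
        print(f"{label}: {'deny' if matches(rule, frame) else 'no match'}")
```

With the extra tag in the constructed frame, the protocol byte sits at offset 31, so the offset-27 rule no longer sees TCP. Recheck user-defined offsets whenever the encapsulation on a port changes.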
