Acl's step is 1
rule 0 deny 06 ff 27
Applying ACL Rules on Ports
By applying ACL rules on ports, you can filter packets on the corresponding ports.
Configuration prerequisites
You need to define an ACL before applying it on a port. For information about defining an ACL, refer to
Configuring Basic
User-defined
ACL.
Configuration procedure
Follow these steps to apply ACL rules on a port:
To do...
Enter system view
Enter Ethernet port view
Apply ACL rules on the
port
Configuration example
# Apply ACL 2000 on Ethernet 1/0/1 to filter inbound packets.
<Sysname> system-view
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] packet-filter inbound ip-group 2000
Applying ACL rules to Ports in a VLAN
By applying ACL rules to ports in a VLAN, you can add filtering of packets on all the ports in the VLAN.
Note:
The ACL rules are only applied to ports that are in the VLAN at the time the packet-filter vlan
command is executed. In other words:
A port joining the VLAN later will not use the ACL rules for packet filtering.
A port leaving the VLAN later will keep using the ACL rules for packet filtering.
Configuration prerequisites
Before applying ACL rules to ports in a VLAN, you need to define the related ACLs. For information
about defining an ACL, refer to
ACL, and
Configuring User-defined
ACL,
Configuring Advanced
Use the command...
system-view
interface interface-type
interface-number
packet-filter { inbound |
outbound } acl-rule
Configuring Basic
ACL.
ACL,
Configuring Layer 2
—
—
Required
For information about acl-rule, refer
to ACL Commands.
ACL,
Configuring Advanced
1-10
ACL, and
Configuring
Remarks
ACL,
Configuring Layer 2