Ipv4 Acl Configuration Commands - H3C S7500E Series Command Manual

Command Manual – ACL
H3C S7500E Series Ethernet Switches
Examples
# Create an absolute time range named test, setting it to become active from 00:00 on
January 1, 2008.
<Sysname> system-view
[Sysname] time-range test from 0:0 2008/1/1
# Create a periodic time range named test, setting it to be active between 14:00 and
18:00 on Saturday and Sunday.
<Sysname> system-view
[Sysname] time-range test 14:00 to 18:00 off-day

1.2 IPv4 ACL Configuration Commands

1.2.1 acl
Syntax
acl number acl-number [ name acl-name ] [ match-order { auto | config } ]
undo acl { all | name acl-name | number acl-number }
View
System view
Parameters
number: Defines a numbered access control list (ACL).
acl-number: IPv4 ACL number, in the range of 2000 to 4999.
2000 to 2999 for basic IPv4 ACLs
3000 to 3999 for advanced IPv4 ACLs
4000 to 4999 for Ethernet frame header ACLs
name acl-name: Specifies the name of the ACL, which is a case insensitive string of 1
to 32 characters. It must start with an English letter and cannot be the English word of
all to avoid confusion.
match-order: Sets the order in which ACL rules are matched.
auto: Performs depth-first match.
config: Performs matching against rules in the order in which they are configured.
all: All IPv4 ACLs.
Description
Use the acl command to enter IPv4 ACL view. If the ACL does not exist, it is created
first.
Use the undo acl command to remove a specified or all IPv4 ACLs.
Chapter 1 ACL Configuration Commands
1-6