Assigning an ACL Globally
Configuration prerequisites
Before applying ACL rules to a VLAN, you need to define the related ACLs. For information about
defining an ACL, refer to section
Configuring Layer 2
Configure procedure
Table 1-6 Assign an ACL globally
Operation
Enter system view
Assign an ACL
globally
Configuration example
# Apply ACL 2000 globally to filter the inbound packets on all the ports.
<Sysname> system-view
[Sysname] packet-filter inbound ip-group 2000
Assigning an ACL to a VLAN
Configuration prerequisites
Before applying ACL rules to a VLAN, you need to define the related ACLs. For information about
defining an ACL, refer to section
Configuring Layer 2
Configuration procedure
Table 1-7 Assign an ACL to a VLAN
Operation
Enter system view
Apply an ACL to a VLAN
An ACL assigned to a VLAN takes effect only for the packets tagged with 802.1Q header. For more
information about 802.1Q header, refer to the VLAN part.
Configuring Basic
ACL, and section
Configuring an IPv6
Command
system-view
packet-filter inbound
acl-rule
Configuring Basic
ACL, and section
Configuring an IPv6
Command
system-view
packet-filter vlan vlan-id
inbound acl-rule
ACL, section
Configuring Advanced
ACL.
—
Required
For description on the acl-rule argument,
refer to ACL Command.
ACL, section
Configuring Advanced
ACL.
—
Required
For description on the acl-rule argument,
refer to ACL Command.
1-12
ACL, section
Description
ACL, section
Description