Defining Layer 2 Acls - 3Com 4200G 12-Port Configuration Manual

Configuration Example

Defining Layer 2 ACLs

Configuration
Preparation
If the protocol type is ICMP, you can also directly input the ICMP message name after
the icmp-type argument. Table 178 describes some common ICMP messages.
Table 178 ICMP messages
Name
echo
echo-reply
fragmentneed-DFset
host-redirect
host-tos-redirect
host-unreachable
information-reply
information-request
net-redirect
net-tos-redirect
net-unreachable
parameter-problem
port-unreachable
protocol-unreachable
reassembly-timeout
source-quench
source-route-failed
timestamp-reply
timestamp-request
ttl-exceeded
Configure ACL 3000 to permit ICMP packets to pass.
<S4200G> system-view
[4200G] acl number 3000
[4200G-acl-adv-3000] rule 0 permit icmp
[4200G-acl-adv-3000] display acl 3000
Advanced ACL 3000, 1 rule
Acl's step is 1
rule 0 permit icmp (0 times matched)
Layer 2 ACLs define rules based on the Layer 2 information such as the source and
destination MAC address information, VLAN priority and Layer 2 protocol to process
packets.
The value range for Layer 2 ACL numbers is 4,000 to 4,999.
Before configuring an ACL rule containing time range arguments, you need to
configure define the corresponding time ranges. For the configuration of time ranges,
refer to ?Advanced ACL.
The values of the source and destination MAC addresses, VLAN priority and Layer 2
protocol in the rule have been defined.
ICMP TYPE
Type=8
Type=0
Type=3
Type=5
Type=5
Type=3
Type=16
Type=15
Type=5
Type=5
Type=3
Type=12
Type=3
Type=3
Type=11
Type=4
Type=3
Type=14
Type=13
Type=11
Defining Layer 2 ACLs 207
ICMP CODE
Code=0
Code=0
Code=4
Code=1
Code=3
Code=1
Code=0
Code=0
Code=0
Code=2
Code=0
Code=0
Code=3
Code=2
Code=1
Code=0
Code=5
Code=0
Code=0
Code=0