Defining User-Defined Acls - Huawei Quidway S3900 Series Operation Manual

Operation Manual – ACL
Quidway S3900 Series Ethernet Switches-Release 1510
Parameter
dest
dest-mask
cos vlan-pri
time-range
time-name
type
protocol-type
protocol-mask
1.5.3 Configuration Example
# Configure ACL 4000 to deny packets whose 802.1p priority is 3.
<Quidway> system-view
[Quidway] acl number 4000
[Quidway-acl-ethernetframe-4000] rule deny cos 3
[Quidway-acl-ethernetframe-4000] display acl 4000
Ethernet frame ACL
Acl's step is 1
rule 0 deny cos excellent-effort

1.6 Defining User-Defined ACLs

Using a byte, which is specified through its offset from the packet header, in the packet
as the starting point, user-defined ACLs perform logical AND operations on packets
and compare the extracted string with the user-defined string to find the matching
packets for processing.
User-defined ACL numbers range from 5000 to 5999.
1.6.1 Configuration Preparation
To configure a time range-based ACL rule, you need first to define the corresponding
time range, as described in section 1.2 "Configuring Time Ranges".
Type
Destination
dest-addr
MAC address
information
Priority
Time range
information
Protocol type
of Ethernet
frames
4000, 1 rule
Huawei Technologies Proprietary
Function
dest-addr: destination MAC
Specifies the
address, in the format of
destination
H-H-H
MAC address
dest-mask: destination MAC
range in the
address mask, in the format
rule
of H-H-H
Defines the
802.1p vlan-pri: VLAN priority, in the
priority of the range of 0 to 7
rule
Specifies the time-name:
time range in name of the time range in
which the rule which the rule is active; a
is active string of 1 to 32 characters
Defines the
protocol-type: protocol type
protocol type
protocol-mask: protocol type
of Ethernet
mask
frames
1-13
Chapter 1 ACL Configuration
Description
specifies the