Defining Layer 2 Acls; Configuration Prerequisites; Configuration Procedure - H3C S7500 Series Operation Manual

Operation Manual – ACL
H3C S7500 Series Ethernet Switches
rule 0 permit tcp source 129.9.0.0 0.0.255.255 destination 202.38.160.0
0.0.0.255 destination-port eq www (0 times matched)

1.7 Defining Layer 2 ACLs

Layer 2 ACLs define rules based on the Layer 2 information such as the source and
destination MAC address information, VLAN priority and Layer 2 protocol to process
packets.
The value range for Layer 2 ACL numbers is 4,000 to 4,999.

1.7.1 Configuration Prerequisites

Before configuring an ACL rule containing time range arguments, you need to define
the corresponding time ranges. For the configuration of time ranges, refer to
Configuring Time
The values of the source and destination MAC addresses, VLAN priority and Layer 2
protocol in the rule have been defined.

1.7.2 Configuration Procedure

Table 1-13 Create a Layer 2 ACL rule
To do...
Enter system view
Create or enter layer
2 ACL view
Define an ACL rule
Display ACL
information
rule-string: rule information, which can be combination of the parameters described in
Table 1-14.
Ranges.
Use the command...
system-view
acl { number acl-number |
name acl-name [ advanced
| basic | link | user ] }
[ match-order { config |
auto } ]
rule [ rule-id ] { permit |
deny } [ rule-string ]
display acl config { all |
acl-number | acl-name }
1-15
Chapter 1 ACL Configuration
Remarks
—
Required
By default, the match order
is config.
Required
If you do not specify the
rule-string argument, the
switch will choose ingress
any egress any by default.
Optional
This command can be
executed in any view.