1-12
Assigning an ACL Globally
Configuration prerequisites
Before applying ACL rules to a VLAN, you need to define the related ACLs. For information about
defining an ACL, refer to section
Configuring Basic ACL, section Configuring Advanced ACL, section
Configuring Layer 2 ACL, and section Configuring an IPv6 ACL.
Configure procedure
Table 1-6 Assign an ACL globally
Operation Command Description
Enter system view
system-view
—
Assign an ACL
globally
packet-filter inbound
acl-rule
Required
For description on the acl-rule argument,
refer to ACL Command.
Configuration example
# Apply ACL 2000 globally to filter the inbound packets on all the ports.
<Sysname> system-view
[Sysname] packet-filter inbound ip-group 2000
Assigning an ACL to a VLAN
Configuration prerequisites
Before applying ACL rules to a VLAN, you need to define the related ACLs. For information about
defining an ACL, refer to section
Configuring Basic ACL, section Configuring Advanced ACL, section
Configuring Layer 2 ACL, and section Configuring an IPv6 ACL.
Configuration procedure
Table 1-7 Assign an ACL to a VLAN
Operation Command Description
Enter system view
system-view
—
Apply an ACL to a VLAN
packet-filter vlan vlan-id
inbound acl-rule
Required
For description on the acl-rule argument,
refer to ACL Command.
An ACL assigned to a VLAN takes effect only for the packets tagged with 802.1Q header. For more
information about 802.1Q header, refer to the VLAN part.
To Next Page
Loading...
Need help?
General