1-12
Displaying ACL Configuration
After the above configuration, you can execute the display commands in any view to view the ACL
running information and verify the configuration.
Table 1-9 Display ACL configuration
Operation Command Description
Display a configured ACL or
all the ACLs
display acl { all | acl-number }
Display a time range or all
the time ranges
display time-range { all | time-name }
Display the information
about packet filtering
display packet-filter { global | interface
interface-type interface-number | port-group
[ group-id ] | unitid unit-id | vlan [ vlan-id ] }
Display the information
about remaining ACL
resources (supported on
S5100-EI series only)
display acl remaining entry
In any view.
Example for Upper-layer Software Referencing ACLs
Example for Controlling Telnet Login Users by Source IP
Network requirements
Apply an ACL to permit users with the source IP address of 10.110.100.52 to telnet to the switch.
Network diagram
Figure 1-1 Network diagram for controlling Telnet login users by source IP
Switch
PC
10.110.100.52
Internet
Configuration procedure
# Define ACL 2000.
<Sysname> system-view
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[Sysname-acl-basic-2000] quit
# Reference ACL 2000 on VTY user interface to control Telnet login users.
[Sysname] user-interface vty 0 4
[Sysname-ui-vty0-4] acl 2000 inbound
To Next Page
Loading...
