EasyManuals Logo

H3C S5120-EI Series User Manual

H3C S5120-EI Series
1166 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #817 background imageLoading...
Page #817 background image
2-6
<Sysname> system-view
[Sysname] acl number 3000
[Sysname-acl-adv-3000] rule permit tcp source 129.9.0.0 0.0.255.255 destination 202.38.160.0
0.0.0.255 destination-port eq 80
# Verify the configuration.
[Sysname-acl-adv-3000] display acl 3000
Advanced ACL 3000, named -none-, 1 rule,
ACL's step is 5
rule 0 permit tcp source 129.9.0.0 0.0.255.255 destination 202.38.160.0 0.0.0.255
destination-port eq www (5 times matched)
Configuring an Ethernet Frame Header ACL
Ethernet frame header ACLs match packets based on Layer 2 protocol header fields such as source
MAC address, destination MAC address, 802.1p priority (VLAN priority), and link layer protocol type.
They are numbered in the range 4000 to 4999.
Configuration Prerequisites
If you want to reference a time range in a rule, define it with the time-range command first.
Configuration Procedure
Follow these steps to configure an Ethernet frame header ACL:
To do… Use the command… Remarks
Enter system view
system-view
––
Create an Ethernet
frame header ACL
and enter its view
acl number acl-number [ name
acl-name ] [ match-order { auto |
config } ]
Required
The default match order is config.
If you specify a name for an IPv4 ACL
when creating the ACL, you can use
the acl name acl-name command to
enter the view of the ACL later.
Create or modify a
rule
rule [ rule-id ] { deny | permit } [ cos
vlan-pri | dest-mac dest-addr
dest-mask | lsap lsap-code
lsap-wildcard | source-mac
sour-addr source-mask | time-range
time-range-name | type type-code
type-wildcard ] *
Required
To create or modify multiple rules,
repeat this step.
Note that the lsap keyword is not
supported if the ACL is to be
referenced by a QoS policy for traffic
classification.
Set the rule
numbering step
step step-value
Optional
5 by default
Configure a
description for the
Ethernet frame
header ACL
description text
Optional
By default, an Ethernet frame header
ACL has no ACL description.
Configure a rule
description
rule rule-id comment text
Optional
By default, an Ethernet frame header
ACL rule has no rule description.

Table of Contents

Other manuals for H3C S5120-EI Series

Preview: Installation Manual
Installation Manual96 pages
Preview: Command Reference
Command Reference242 pages
Preview: Installation Guide
Installation Guide63 pages
Preview: Configuration Guide
Configuration Guide144 pages
Preview: Configuration Commands
Configuration Commands29 pages
Preview: Irf Command Reference
Irf Command Reference32 pages
Preview: Installation, Quick Start
Installation, Quick Start31 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the H3C S5120-EI Series and is the answer not in the manual?

H3C S5120-EI Series Specifications

General IconGeneral
BrandH3C
ModelS5120-EI Series
CategorySwitch
LanguageEnglish

Related product manuals