33
If you do not specify optional parameters, the undo rule rule-id command deletes the entire rule. If
you specify optional parameters, the undo rule-id rule command deletes the specified attributes.
The undo rule { deny | permit } command can only be used to delete the entire rule. You must
specify all the attributes of the rule for the command.
The counting keyword in this command enables match counting specific to rules, and the
hardware-count keyword in the packet-filter command enables match counting for all rules in an
ACL.
Examples
# Create a rule in Layer 2 ACL 4000 to permit ARP packets and deny RARP packets.
<Sysname> system-view
[Sysname] acl mac 4000
[Sysname-acl-mac-4000] rule permit type 0806 ffff
[Sysname-acl-mac-4000] rule deny type 8035 ffff
Related commands
acl
display acl
step
time-range
rule comment
Use rule comment to configure a comment for an ACL rule.
Use undo rule comment to delete an ACL rule comment.
Syntax
rule rule-id comment text
undo rule rule-id comment
Default
A rule does not have a comment.
Views
IPv4 basic/advanced ACL view
IPv6 basic/advanced ACL view
Layer 2 ACL view
Predefined user roles
network-admin
Parameters
rule-id: Specifies an ACL rule ID in the range of 0 to 65534. The ACL rule must already exist.
text: Specifies a comment about the ACL rule, a case-sensitive string of 1 to 127 characters.
Usage guidelines
This command adds a comment to a rule if the rule does not have a comment. It modifies the
comment for a rule if the rule already has a comment.
Examples
# Create a rule for IPv4 basic ACL 2000, and add a comment about the rule.
To Next Page
Loading...
