Command Manual - QoS/ACL
Quidway S3500 Series Ethernet Switches Chapter 1 ACL Commands
Huawei Technologies Proprietary
1-8
1.1.7 rule
Syntax
I. define/delete a rule for basic acl
rule [ rule-id ] { permit | deny } [source source-addr wildcard | any ] [ fragment ]
[ time-range name ]
undo rule rule-id [ source ] [ fragment ] [ time-range ]
II. define/delete a rule for advanced acl
rule [ rule-id ] { permit | deny } protocol [ source source-addr wildcard | any ]
[ destination dest-addr dest-mask | any ] [ source-port operator port1 [ port2 ] ]
[ destination-port operator port1 [ port2 ] ] [ icmp-type type code ] [ established ]
[ [ precedence precedence | tos tos ]* | dscp dscp ] [ fragment ] [ time-range name ]
undo rule rule-id [ source ] [ destination ] [ source-port ] [ destination-port ]
[ icmp-type ] [ precedence ] [ tos ] [ dscp ] [ fragment ] [ time-range ]
III. define/delete a rule for link acl
rule [ rule-id ] { permit | deny } [ ingress { { source-vlan-id | source-mac-addr |
interface { interface-name | interface-type interface-num } }* | any } ] [ egress
{ { destination-vlan-id | dest-mac-addr | interface { interface-name | interface-type
interface-num } }* | any } ] [ time-range name ]
undo rule rule-id
View
ACL view
Parameter
rule-id: Specifies a rule of an ACL with a number in the range of 0 to 127.
permit: Indicates to let the matched packets through.
deny: Indicates to reject the matched packets to pass through.
time-range name: Name of a time range, during which a rule takes effect.
 Note:
The following parameters are attributes carried by the data packets. The ACL rules are
defined according to the values of these parameters.
z The parameter for define a basic ACL