3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
1-24
[3Com-acl-ethernetframe-4000] rule deny cos 3 source 000d-88f5-97ed
ffff-ffff-ffff dest 0011-4301-991e ffff-ffff-ffff
1.1.16 rule (user-defined ACL)
Syntax
rule
[
rule-id
] {
permit
|
deny
} {
rule-string
rule-mask
offset
} &<1-8> [
time-range
time-name
]
undo
rule
rule-id
View
User-defined ACL view
Parameter
rule-id
: ACL rule ID, in the range of 0 to 127.
deny
: Drops packets that satisfy the condition.
permit
: Permits packets that satisfy the condition to pass.
rule-string
: User-defined string of the rule. It must be an even number containing 2 to
160 hexadecimal characters.
rule-mask
: User-defined mask of the rule. It is used to perform the logical AND
operations with packets and must be an even number containing 2 to 160 hexadecimal
characters. Note that its length must be the same with that of
rule-string
.
offset
: Mask offset of the rule. It specifies a byte, through its offset from the packet
header, in the packet as the starting point to perform logical AND operations. It ranges
from 0 to 79 bytes, and the maximum value becomes one byte less when the value of
rule-string
(and
rule-mask
) has two more characters. For example, when
rule-string
and
rule-mask
contains two characters respectively, the maximum value of
offset
is 79
bytes; when the former contains four characters respectively, the maximum value of
offset
is 78 bytes, and so on.
&<1-8>: At most eight rules can be defined at one time.
time-range
time-name
: Specifies a time range within which the rule is valid.
Description
Use the
rule
command to define an ACL rule.
Use the
undo rule
command to delete an ACL rule or the attribute information of an
ACL rule.
Before you can delete a rule, you need to specify the rule ID. If you do not know the
rule ID, you can view it by the
display acl
command.
In the case that you specify the rule ID when defining a rule: