Command Manual – ACL
H3C S7500E Series Ethernet Switches
Chapter 1 ACL Configuration Commands
1-6
Examples
# Create an absolute time range named test, setting it to become active from 00:00 on
January 1, 2008.
<Sysname> system-view
[Sysname] time-range test from 0:0 2008/1/1
# Create a periodic time range named test, setting it to be active between 14:00 and
18:00 on Saturday and Sunday.
<Sysname> system-view
[Sysname] time-range test 14:00 to 18:00 off-day
1.2 IPv4 ACL Configuration Commands
1.2.1 acl
Syntax
acl
number
acl-number
[
name
acl-name
] [
match-order
{
auto
|
config
} ]
undo
acl
{
all | name acl-name
|
number
acl-number
}
View
System view
Parameters
number
: Defines a numbered access control list (ACL).
acl-number
: IPv4 ACL number, in the range of 2000 to 4999.
z
2000 to 2999 for basic IPv4 ACLs
z
3000 to 3999 for advanced IPv4 ACLs
z
4000 to 4999 for Ethernet frame header ACLs
name acl-name
: Specifies the name of the ACL, which is a case insensitive string of 1
to 32 characters. It must start with an English letter and cannot be the English word of
all to avoid confusion.
match-order
: Sets the order in which ACL rules are matched.
z
auto
: Performs depth-first match.
z
config
: Performs matching against rules in the order in which they are configured.
all
: All IPv4 ACLs.
Description
Use the
acl
command to enter IPv4 ACL view. If the ACL does not exist, it is created
first.
Use the
undo
acl
command to remove a specified or all IPv4 ACLs.