H3C S5120-SI Series, Configuration Manual, Page: 15 / 65

6
To do… Use the command… Remarks
Configure a description for the
IPv4 basic ACL
description text
Optional
By default, an IPv4 basic ACL has
no ACL description.
Set the rule numbering step step step-value
Optional
5 by default.
Create or edit a rule
rule [ rule-id ] { deny | permit }
[ fragment | source { sour-addr
sour-wildcard | any } | time-range
time-range-name ] *
Required
By default, an IPv4 basic ACL does
not contain any rule.
To create or edit multiple rules,
repeat this step.
Configure or edit a rule description rule rule-id comment text
Optional
By default, an IPv4 ACL rule has no
rule description.
Add or edit a rule range remark rule [ rule-id ] remark text
Optional
By default, no rule range remarks
are configured.
Configuring an IPv6 basic ACL
Follow these steps to configure an IPv6 basic ACL:
To do… Use the command… Remarks
Enter system view system-view ––
Create an IPv6 basic ACL view and
enter its view
acl ipv6 number acl6-number
[ name acl6-name ] [ match-order
{ auto | config } ]
Required
By default, no ACL exists.
IPv6 basic ACLs are numbered in
the range 2000 to 2999.
You can use the
acl ipv6 name
acl6-name command to enter the
view of a named IPv6 ACL.
Configure a description for the
IPv6 basic ACL
description text
Optional
By default, an IPv6 basic ACL has
no ACL description.
Set the rule numbering step step step-value
Optional
5 by default
Create or edit a rule
rule [ rule-id ] { deny | permit }
[ fragment | source { ipv6-address
prefix-length |
ipv6-address / prefix-length | any }
| time-range time-range-name ] *
Required
By default, an IPv6 basic ACL does
not contain any rule.
To create or edit multiple rules,
repeat this step.
Configure or edit a rule description rule rule-id comment text
Optional
By default, an IPv6 basic ACL rule
has no rule description.