![H3C S5120-EI Series Скачать руководство пользователя страница 710](http://html2.mh-extra.com/html/h3c/s5120-ei-series/s5120-ei-series_operation-manual_3690844710.webp)
2-4
<Sysname> system-view
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule deny source 1.1.1.1 0
# Verify the configuration.
[Sysname-acl-basic-2000] display acl 2000
Basic ACL 2000, named -none-, 1 rule,
ACL's step is 5
rule 0 deny source 1.1.1.1 0 (5 times matched)
Configuring an Advanced IPv4 ACL
Advanced IPv4 ACLs match packets based on source IP address, destination IP address, protocol
carried over IP, and other protocol header fields, such as the TCP/UDP source port number, TCP/UDP
destination port number, TCP flag, ICMP message type, and ICMP message code.
In addition, advanced IPv4 ACLs allow you to filter packets based on three priority criteria: type of
service (ToS), IP precedence, and differentiated services codepoint (DSCP) priority.
Advanced IPv4 ACLs are numbered in the range 3000 to 3999. Compared with basic IPv4 ACLs, they
allow of more flexible and accurate filtering.
Configuration Prerequisites
If you want to reference a time range in a rule, define it with the
time-range
command first.
Configuration Procedure
Follow these steps to configure an advanced IPv4 ACL:
To do…
Use the command…
Remarks
Enter system view
system-view
––
Create an advanced
IPv4 ACL and enter its
view
acl number
acl-number
[
name
acl-name
]
[
match-order
{
auto
|
config
} ]
Required
The default match order is
config
.
If you specify a name for an IPv4
ACL when creating the ACL, you can
use the
acl
name
acl-name
command to enter the view of the
ACL later.
Содержание S5120-EI Series
Страница 139: ...ii...
Страница 268: ...3 3 SwitchB system view SwitchB interface vlan interface 1 SwitchB Vlan interface1 ip address dhcp alloc...
Страница 328: ...i Table of Contents 1 Dual Stack Configuration 1 1 Dual Stack Overview 1 1 Configuring Dual Stack 1 1...
Страница 578: ...1 21 C...
Страница 739: ...1 12 Enable ARP detection based on 802 1X security entries SwitchB arp detection mode dot1x...
Страница 926: ...2 8...
Страница 942: ...ii Single Device Upgrade 3 4 IRF System Upgrade 3 5...
Страница 985: ...1 1...
Страница 1018: ...1 6...