10
Displaying and maintaining ACLs
Task Command
Remarks
Display configuration and match
statistics for IPv4 basic, IPv4
advanced, and Ethernet frame
header ACLs.
display
acl
{
acl-number
|
all
|
name
acl-name
} [
slot
slot-number
] [
|
{
begin
|
exclude
|
include
}
regular-expression
]
Available in any view.
Display information about the
ACL acceleration feature.
display
acl accelerate
{
acl-number
|
all
} [
|
{
begin
|
exclude
|
include
}
regular-expression
]
Available in any view.
Display configuration and match
statistics for IPv6 basic and IPv6
advanced ACLs.
display
acl
ipv6
{
acl6-number
|
all
|
name
acl6-name
} [
slot
slot-number
] [
|
{
begin
|
exclude
|
include
}
regular-expression
]
Available in any view.
Display the usage of ACL rules.
(See the following matrix for
information about the support for
the command.)
display acl resource
[
slot
slot-number
] [
|
{
begin
|
exclude
|
include
}
regular-expression
]
Available in any view.
Display the configuration and
status of one or all time ranges.
display time-range
{
time-range-name
|
all
}
[
|
{
begin
|
exclude
|
include
}
regular-expression
]
Available in any view.
Clear statistics for one or all IPv4
basic, IPv4 advanced, and
Ethernet frame header ACLs.
reset
acl
counter
{
acl-number
|
all
|
name
acl-name
}
Available in user view.
Clear statistics for one or all IPv6
basic and advanced ACLs.
reset
acl
ipv6
counter
{
acl6-number
|
all
|
name
acl6-name
}
Available in user view.
The following matrix shows the
display acl resource
command and hardware compatibility:
Hardware Compatibility
HSR6602 No
6604/6608/6616
•
Routers with RPE-X1 or RSE-X1 installed: Yes
•
Routers with MCP installed: No
ACL configuration examples
IPv4 advanced ACL configuration examples
Network requirements
A company interconnects its departments through Router A. Configure an ACL to:
•
Permit access from the President office at any time to the financial database server.
•
Permit access from the Financial department to the database server only during working hours
(from 8:00 to 18:00) on working days.
•
Deny access from any other department to the database server.
Содержание FlexNetwork 6600
Страница 106: ...99 Rule s If match acl 2000 Behavior behavior_1 Accounting Enable 28529 Packets ...
Страница 146: ...139 Figure 53 Implementing HQoS through interface level hierarchical CAR ...
Страница 147: ...140 ...