Manualshelf

F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Access Control Command Reference-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
31323334353637383940
28
text: Specifies a remark, a case-sensitive string of 1 to 63 characters.
Usage guidelines
A rule range remark always appears immediately above the specified rule. If the specified rule has not
been created yet, the position of the comment in the ACL is as follows:
If the match order is config, the remark is inserted into the ACL in descending order of rule ID.
If the match order is auto, the remark is placed at the end of the ACL. After you create the rule, the
remark appears above the rule.
To display rule range remarks in an ACL, use the display this or display current-configuration.
When you delete rule range remarks, follow these guidelines:
If neither rule-id nor text is specified, all rule range remarks are removed.
Use the undo rule remark text command to remove all remarks that are the same as the text
argument.
Use the undo rule rule-id remark command to delete a specific rule range remark. If you also
specify the text argument, you must type in the remark the same as was specified to successfully
remove the remark.
When adding an end remark for a rule range, you can specify the end rule number plus 1 for the rule-id
argument so all rules in this range appears between the two remarks. You can also specify the end rule
number for the rule-id argument. In this approach, the end rule appears below the end remark.
Whichever approach you use, be consistent.
Examples
# Display the running configuration of IPv4 basic ACL 2000.
<Sysname> system-view
[Sysname] acl number 2000
[Sysname-acl-basic-2000] display this
#
acl number 2000
rule 0 permit source 14.1.1.0 0.0.0.255
rule 5 permit source 10.1.1.1 0 time-range work-time
rule 10 permit source 192.168.0.0 0.0.0.255
rule 15 permit source 1.1.1.1 0
rule 20 permit source 10.1.1.1 0
rule 25 permit counting
#
return
# Add a start comment "Rules for VIP_start" and an end comment "Rules for VIP_end" for the rule range
10 to 25.
[Sysname-acl-basic-2000] rule 10 remark Rules for VIP_start
[Sysname-acl-basic-2000] rule 26 remark Rules for VIP_end
# Verify the configuration.
[Sysname-acl-basic-2000] display this
#
acl number 2000
rule 0 permit source 14.1.1.0 0.0.0.255
rule 5 permit source 10.1.1.1 0 time-range work-time
rule 10 remark Rules for VIP_start