F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Access Control Command Reference-6PW100
69
<Sysname> system-view
[Sysname] interzone source office destination library
[Sysname-interzone-office-library] move rule 5 before 2
move rule acl
Use move rule acl [ ipv6 ] to move an ACL in the interzone policy group.
Syntax
move rule acl [ ipv6 ] acl-number before insert-acl-number
Views
Interzone instance view
Default command level
2: System level
Parameters
acl-number: Specifies the number of the advanced IPv4 or IPv6 ACL to be moved. This argument ranges
from 3000 to 3999. If the ipv6 keyword is not specified, an IPv4 advanced ACL is specified. Otherwise,
an IPv6 advanced ACL is specified.
insert-acl-number: Specifies the ID of the IPv4 or IPv6 ACL before which the ACL specified by acl-number
is placed. This argument ranges from 3000 to 3999. If the ipv6 keyword is not specified, an IPv4
advanced ACL is specified. Otherwise, an IPv6 advanced ACL is specified.
The following matrix shows the keywords ipv6 and firewalls and UTM compatibility:
Hardware Ke
y
words com
p
atible
F1000-A-EI/F1000-S-EI Yes
F1000-E Yes
F5000 Yes
Firewall module Yes
U200-A Yes
U200-S No
Usage guidelines
When the insert-acl-number argument is the same as the acl-number argument or any of the ACLs
specified by the two arguments does not exist, no operation is performed.
Examples
# Move IPv4 advanced ACL 3002 before IPv4 advanced ACL 3001 for the interzone instance with
source zone office and destination zone library.
<Sysname> system-view
[Sysname] interzone source office destination library
[Sysname-interzone-office-library] move rule acl 3002 before 3001
reset interzone-policy counter
Use reset interzone-policy counter to clear interzone policy information.