F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Access Control Command Reference-6PW100
1
ACL configuration commands
The following matrix shows the feature and hardware compatibility:
Hardware IPv6 ACL
com
p
atible
F1000-A-EI/F1000-S-EI Yes
F1000-E Yes
F5000 Yes
Firewall module Yes
U200-A Yes
U200-S No
acl
Use acl to create an IPv4 basic, IPv4 advanced, or Ethernet frame header ACL, and enter its view. If the
ACL has been created, you directly enter its view.
Use undo acl to delete the specified ACLs.
Syntax
acl number acl-number [ name acl-name ] [ match-order { auto | config } ]
undo acl { all | name acl-name | number acl-number }
Default
No ACL exists.
Views
System view
Default command level
2: System level
Parameters
number acl-number: Specifies the number of an access control list (ACL):
• 2000 to 2999 for IPv4 basic ACLs
• 3000 to 3999 for IPv4 advanced ACLs
• 4000 to 4999 for Ethernet frame header ACLs
name acl-name: Assigns a name to the ACL for easy identification. The acl-name argument takes a
case-insensitive string of 1 to 63 characters. It must start with an English letter and to avoid confusion, it
cannot be all.
match-order: Sets the order in which ACL rules are compared against packets:
• auto—Compares ACL rules in depth-first order. The depth-first order differs with ACL categories. For
more information, see Access Control Configuration Guide.