R3166-R3206-HP High-End Firewalls Access Control Configuration Guide-6PW101
15
To do… Use the command…
Remarks
Enable ACL acceleration for an IPv4
ACL
acl accelerate number acl-number
Required
Disabled by default.
The ACL must exist.
Only IPv4 basic ACLs and
advanced ACLs support ACL
acceleration.
NOTE:
• ACL acceleration is not available for ACLs that contain a non-contiguous wildcard mask.
• After you modify an IPv4 ACL with ACL acceleration enabled, disable and re-enable ACL acceleration
to ensure correct rule matching.
Displaying and maintaining ACLs
To do… Use the command…
Remarks
Display configuration and match
statistics for one or all IPv4 ACLs
display acl { acl-number | all |
name acl-name }
Available in any view
Display information about the IPv4
ACL acceleration feature
display acl accelerate
{ acl-number | all }
Available in any view
Clear statistics for one or all IPv4
ACLs
reset acl counter { acl-number |
all | name acl-name }
Available in user view
ACL configuration examples
For more information, see NAT Configuration in NAT and ALG Configuration Guide.
Configuration guidelines
1. Within an ACL, the permit or deny statement of each rule must be unique. If the ACL rule you are
creating or editing has the same deny or permit statement as another rule in the ACL, your creation
or editing attempt will fail.
2. You can edit ACL rules only when the match order is config..
3. After you modify an IPv4 ACL with ACL acceleration enabled, disable and re-enable ACL
acceleration to ensure correct rule matching.