R2511-HP MSR Router Series ACL and QoS Command Reference(V5)
2
match-order: Sets the order in which ACL rules are compared against packets:
• auto—Compares ACL rules in depth-first order. The depth-first order differs with ACL categories. For
more information, see ACL and QoS Configuration Guide.
• config—Compares ACL rules in ascending order of rule ID. The rule with a smaller ID has higher
priority. If no match order is specified, the config order applies by default.
The match-order keyword is not available for user-defined or WLAN ACLs. They always use the config
order.
all: Deletes all WLAN, IPv4 basic, IPv4 advanced, Ethernet frame header, or user-defined ACLs.
Usage guidelines
You can assign a name to an ACL only when you create it. After an ACL is created with a name, you
cannot rename it or remove its name.
You can change match order only for ACLs that do not contain any rules.
To display any ACLs you have created, use the display acl command.
Examples
# Create IPv4 basic ACL 2000, and enter its view.
<Sysname> system-view
[Sysname] acl number 2000
[Sysname-acl-basic-2000]
# Create IPv4 basic ACL 2001 with the name flow, and enter its view.
<Sysname> system-view
[Sysname] acl number 2001 name flow
[Sysname-acl-basic-2001-flow]
acl copy
Use acl copy to create a WLAN, IPv4 basic, IPv4 advanced, Ethernet frame header, or user-defined ACL
by copying an ACL that already exists. The new ACL has the same properties and content as the source
ACL, but not the same ACL number and name.
Syntax
acl copy { source-acl-number | name source-acl-name } to { dest-acl-number | name dest-acl-name }
Views
System view
Default command level
2: System level
Parameters
source-acl-number: Specifies an existing source ACL by its number:
• 100 to 199 for WLAN ACLs
• 2000 to 2999 for IPv4 basic ACLs
• 3000 to 3999 for IPv4 advanced ACLs
• 4000 to 4999 for Ethernet frame header ACLs
• 5000 to 5999 for user-defined ACLs