4000 Router Series ACL and QoS Command Reference

Views

Interface view

Predefined user roles

network-admin

Parameters

acl-number: Specifies an ACL by its number:

• 2000 to 2999 for IPv4 basic ACLs if the ipv6 keyword is not specified and for IPv6 basic ACLs if

the ipv6 keyword is specified.

• 3000 to 3999 for IPv4 advanced ACLs s if the ipv6 keyword is not specified and for IPv6 advanced

ACLs if the ipv6 keyword is specified.

• 4000 to 4999 for Ethernet frame header ACLs. This entry is not displayed if the ipv6 keyword is

specified.

• 5000 to 5999 for user-defined ACLs. This entry is not displayed if the ipv6 keyword is specified.

name acl-name: Specifies an ACL by its name. The acl-name argument is a case-insensitive string of 1 to

63 characters. It must start with an English letter. For a basic ACL or advanced ACL, if you do not specify

the ipv6 keyword, this option specifies the name of an IPv4 basic ACL or advanced ACL. If you specify

the ipv6 keyword, this option specifies the name of an IPv6 basic ACL or advanced ACL.

inbound: Filters incoming packets.

outbound: Filters outgoing packets.

Examples

# Apply IPv4 basic ACL 2001 to filter incoming traffic on Ethernet 1/1.

<Sysname> system-view

[Sysname] interface ethernet 1/1

[Sysname-Ethernet1/1] packet-filter 2001 inbound

Related commands

• display packet-filter

• display packet-filter statistics

• display packet-filter verbose

packet-filter default deny

Use packet-filter default deny to set the packet filtering default action to deny. The packet filter denies

packets that do not match any ACL rule.

Use undo packet-filter default deny to restore the default.

Syntax

packet-filter default deny

undo packet-filter default deny

Default

The packet filter permits packets that do not match any ACL rule.