HP MSR2000/3000/4000 Router Series ACL and QoS Configuration Guide
8
Ste
p
Command Remarks
2. Create an Ethernet frame
header ACL and enter its
view.
acl number acl-number [ name
acl-name ] [ match-order { auto |
config } ]
By default, no ACL exists.
Ethernet frame header ACLs are
numbered in the range of 4000 to
4999.
You can use the acl name acl-name
command to enter the view of a
named ACL.
3. (Optional.) Configure a
description for the Ethernet
frame header ACL.
description text
By default, an Ethernet frame
header ACL has no ACL
description.
4. (Optional.) Set the rule
numbering step.
step step-value The default setting is 5.
5. Create or edit a rule.
rule [ rule-id ] { deny | permit } [ cos
vlan-pri | counting | dest-mac
dest-address dest-mask | { lsap
lsap-type lsap-type-mask | type
protocol-type protocol-type-mask }
| source-mac source-address
source-mask | time-range
time-range-name ] *
By default
,
an Ethernet frame
header ACL does not contain any
rule.
6. (Optional.) Add or edit a rule
comment.
rule rule-id comment text
By default, no rule comments are
configured.
Configuring a user-defined ACL
User-defined ACLs allow you to customize rules based on information in protocol headers. You can
define a user-defined ACL to match packets in which a specific number of bytes after the specified offset
(relative to the specified header), matches the specified match pattern after being ANDed with a match
pattern mask.
To configure a user-defined ACL:
Ste
p
Command Remarks
1. Enter system view.
system-view N/A
2. Create a user-defined ACL
and enter its view.
acl number acl-number [ name
acl-name ]
By default, no ACL exists.
User-defined ACLs are numbered
in the range of 5000 to 5999.
You can use the acl name acl-name
command to enter the view of a
named ACL.
3. (Optional.) Configure a
description for the
user-defined ACL.
description text
By default, a user-defined ACL has
no ACL description.