3Com Switch 4200G Configuration Guide
Defining Layer 2 ACLs 207
If the protocol type is ICMP, you can also directly input the ICMP message name after
the icmp-type argument. Table 178 describes some common ICMP messages.
Configuration Example Configure ACL 3000 to permit ICMP packets to pass.
<S4200G> system-view
[4200G] acl number 3000
[4200G-acl-adv-3000] rule 0 permit icmp
[4200G-acl-adv-3000] display acl 3000
Advanced ACL 3000, 1 rule
Acl's step is 1
rule 0 permit icmp (0 times matched)
Defining Layer 2 ACLs Layer 2 ACLs define rules based on the Layer 2 information such as the source and
destination MAC address information, VLAN priority and Layer 2 protocol to process
packets.
The value range for Layer 2 ACL numbers is 4,000 to 4,999.
Configuration
Preparation
Before configuring an ACL rule containing time range arguments, you need to
configure define the corresponding time ranges. For the configuration of time ranges,
refer to ?Advanced ACL.
The values of the source and destination MAC addresses, VLAN priority and Layer 2
protocol in the rule have been defined.
Table 178 ICMP messages
Name ICMP TYPE ICMP CODE
echo Type=8 Code=0
echo-reply Type=0 Code=0
fragmentneed-DFset Type=3 Code=4
host-redirect Type=5 Code=1
host-tos-redirect Type=5 Code=3
host-unreachable Type=3 Code=1
information-reply Type=16 Code=0
information-request Type=15 Code=0
net-redirect Type=5 Code=0
net-tos-redirect Type=5 Code=2
net-unreachable Type=3 Code=0
parameter-problem Type=12 Code=0
port-unreachable Type=3 Code=3
protocol-unreachable Type=3 Code=2
reassembly-timeout Type=11 Code=1
source-quench Type=4 Code=0
source-route-failed Type=3 Code=5
timestamp-reply Type=14 Code=0
timestamp-request Type=13 Code=0
ttl-exceeded Type=11 Code=0