3Com Switch 7750 Configuration Guide
If you specify the rule ID when defining a rule:
■ If a rule with the specified rule ID already exists, you edit that rule: the parts you modify replace the original content, while the other parts remain unchanged.
■ If no rule with the specified rule ID exists, you create and define a new rule.
■ The content of a newly created rule must not be identical to the content of any existing rule; otherwise the rule creation fails, and the system prompts that the rule already exists.
If you do not specify a rule ID, you create and define a new rule, and the system automatically assigns an ID to the rule.
Configuration Example
# Configure ACL 3000 to permit TCP packets to pass. The destination port number of the packets is 80, the source network segment of the packets is 129.9.0.0, and the destination network segment is 202.38.160.0.
<SW7750> system-view
[SW7750] acl number 3000
[SW7750-acl-adv-3000] rule permit tcp source 129.9.0.0 0.0.255.255 destination 202.38.160.0 0.0.0.255 destination-port eq 80
[SW7750-acl-adv-3000] display acl config 3000
Advanced ACL 3000, 1 rule,
rule 0 permit tcp source 129.9.0.0 0.0.255.255 destination
202.38.160.0 0.0.0.255 destination-port eq www (0 times matched)
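The wildcard masks in the rule above decide which packets it permits. The following Python sketch is an added example, not part of the 3Com guide: it parses the rule text as configured and as displayed, then tests sample packets against it. The function names and the sample packets are constructed for illustration, and the parser handles only the keywords that appear in this example.

```python
import ipaddress

# Port keyword the switch prints in place of a number; only the one shown on this page.
PORT_NAMES = {"www": 80}

def parse_rule(line):
    """Parse 'rule [id] permit|deny proto [source A W] [destination A W] [destination-port eq P]'."""
    tok = line.split()
    if tok[0] != "rule":
        raise ValueError("not a rule line")
    i, rule_id = 1, None
    if tok[i].isdigit():                      # rule ID is optional when configuring
        rule_id, i = int(tok[i]), i + 1
    rule = {"id": rule_id, "action": tok[i], "proto": tok[i + 1]}
    i += 2
    while i < len(tok):
        if tok[i] in ("source", "destination"):
            # address followed by wildcard mask, both stored as 32-bit integers
            rule[tok[i]] = tuple(int(ipaddress.IPv4Address(t)) for t in tok[i + 1:i + 3])
            i += 3
        elif tok[i] == "destination-port" and tok[i + 1:i + 2] == ["eq"]:
            p = tok[i + 2]
            rule["dport"] = PORT_NAMES[p] if p in PORT_NAMES else int(p)
            i += 3
        else:
            break                             # trailing text such as "(0 times matched)"
    return rule

def addr_matches(ip, spec):
    """Wildcard mask: 0 bits must equal the rule address, 1 bits are ignored."""
    addr, wild = spec
    care = ~wild & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(ip)) & care) == (addr & care)

def rule_matches(rule, proto, src, dst, dport):
    """True if the packet fields satisfy every condition present in the rule."""
    any_addr = (0, 0xFFFFFFFF)                # absent condition matches any address
    return (rule["proto"] == proto
            and addr_matches(src, rule.get("source", any_addr))
            and addr_matches(dst, rule.get("destination", any_addr))
            and rule.get("dport", dport) == dport)

# Rule text as configured and as displayed on this page (wrapped lines joined).
CONFIGURED = "rule permit tcp source 129.9.0.0 0.0.255.255 destination 202.38.160.0 0.0.0.255 destination-port eq 80"
DISPLAYED = "rule 0 permit tcp source 129.9.0.0 0.0.255.255 destination 202.38.160.0 0.0.0.255 destination-port eq www (0 times matched)"
```

Parsing both forms shows that the displayed rule differs from the typed one only by the assigned rule ID 0 and the keyword www for port 80.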
Defining Layer 2 ACLs
Layer 2 ACLs define rules based on Layer 2 information, such as the source and destination MAC addresses, VLAN priority and Layer 2 protocol, to process packets.
The value range for Layer 2 ACL numbers is 4,000 to 4,999.
Configuration Preparation
Before configuring an ACL rule containing time range arguments, you need to define the corresponding time ranges. For the configuration of time ranges, refer to “Configuring Time Ranges”.
The source and destination MAC addresses, VLAN priority and Layer 2 protocol in the rule have been defined.
Configuration Tasks
Table 475 Create a Layer 2 ACL rule

Operation: Enter system view
Command: system-view
Description: -

Operation: Create or enter Layer 2 ACL view
Command: acl { number acl-number | name acl-name [ advanced | basic | link | user ] } [ match-order { config | auto } ]
Description: Required. By default, the match order is config.