3Com Switch 7750 Configuration Guide
Defining User-Defined ACLs 649
If you specify the rule ID when defining a rule:
■ If the rule corresponding to the specified rule ID already exists, you will edit the
rule: the modified part of the rule replaces the original content, while
the other parts remain unchanged.
■ If the rule corresponding to the specified rule ID does not exist, you will create
and define a new rule.
■ The content of a newly created rule must not be identical to the content of
any existing rule; otherwise the rule creation will fail, and the system will
prompt that the rule already exists.
If you do not specify a rule ID, you will create and define a new rule, and the
system will assign an ID for the rule automatically.
Configuration Example
# Configure ACL 4000 to deny packets whose 802.1p priority is 3, source MAC
address is 000d-88f5-97ed, and destination MAC address is 0011-4301-991e.
<SW7750> system-view
[SW7750] acl number 4000
[SW7750-acl-link-4000] rule deny cos 3 source 000d-88f5-97ed ffff-ffff-ffff dest 0011-4301-991e ffff-ffff-ffff
[SW7750-acl-link-4000] display acl config 4000
Link ACL 4000, 1 rule,
rule 0 deny cos excellent-effort source 000d-88f5-97ed ffff-ffff-ffff dest 0011-4301-991e ffff-ffff-ffff (0 times matched)
Defining User-Defined ACLs
A user-defined ACL takes a byte in the packet, specified by its offset from the
packet header, as the starting point. It performs a logical AND operation on the
packet data from that point and compares the extracted string with the
user-defined string to find the matching packets for processing.
User-defined ACL numbers range from 5,000 to 5,999.
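The offset, AND and compare steps described above, sketched in Python as an added example (not 3Com code or device syntax). The function names are hypothetical, offset 0 is assumed to be the first byte of the Ethernet frame, and the sample frames are constructed; the field list expresses the ACL 4000 example from this page as byte-level matches.

```python
# Added illustration: models the match step of a user-defined ACL.
# All names are hypothetical; offset 0 is assumed to be the first frame byte.

def mac(text):
    """Parse the guide's xxxx-xxxx-xxxx MAC notation into 6 bytes."""
    return bytes.fromhex(text.replace("-", ""))

def udf_match(frame, offset, mask, rule_string):
    """AND the bytes at `offset` with `mask`, then compare with `rule_string`."""
    if len(mask) != len(rule_string):
        raise ValueError("mask and rule string must have the same length")
    window = frame[offset:offset + len(mask)]
    if len(window) < len(mask):
        return False  # frame too short to contain the field: no match
    extracted = bytes(b & m for b, m in zip(window, mask))
    return extracted == rule_string

def build_tagged_frame(dst, src, cos, vlan=1, payload=b"\x00" * 46):
    """Constructed sample: Ethernet II frame carrying an 802.1Q tag."""
    tci = (cos << 13) | vlan  # 802.1p priority sits in the top 3 bits of the TCI
    return (mac(dst) + mac(src) + b"\x81\x00" + tci.to_bytes(2, "big")
            + b"\x08\x00" + payload)

# Byte-level equivalent of the ACL 4000 example: (offset, mask, rule_string).
ACL_4000_AS_BYTES = [
    (0,  b"\xff" * 6, mac("0011-4301-991e")),  # destination MAC, full mask
    (6,  b"\xff" * 6, mac("000d-88f5-97ed")),  # source MAC, full mask
    (12, b"\xff\xff", b"\x81\x00"),            # 802.1Q tag present
    (14, b"\xe0",     bytes([3 << 5])),        # 802.1p priority == 3
]

def matches_all(frame, fields):
    """A frame matches only if every (offset, mask, rule_string) field matches."""
    return all(udf_match(frame, off, mask, val) for off, mask, val in fields)

if __name__ == "__main__":
    hit = build_tagged_frame("0011-4301-991e", "000d-88f5-97ed", cos=3)
    miss = build_tagged_frame("0011-4301-991e", "000d-88f5-97ed", cos=5)
    print(matches_all(hit, ACL_4000_AS_BYTES))   # priority 3: matches
    print(matches_all(miss, ACL_4000_AS_BYTES))  # priority 5: does not match
```

The mask on byte 14 is what keeps the VLAN ID bits from affecting the priority comparison, and an untagged frame fails at offset 12 rather than being compared against payload bytes.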
Configuration Preparation
To configure a time range-based ACL rule, you must first define the
corresponding time range, as described in “Configuring Time Ranges” on page
640.
Table 521 Description of CoS value
Keyword              CoS value in decimal   CoS value in binary
video                5                      101
voice                6                      110
network-management   7                      111

Configuration Procedure
Table 522 Define a user-defined ACL rule
Operation            Command       Description
Enter system view    system-view   -