Manualshelf

3Com Switch 8800 Family Firewall Module Configuration and Command Reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
271272273274275276277278279280
ACL Configuration Commands 277
Parameter
acl-number: ACL expressed by number.
all: All ACL rules.
Description
Use the reset acl counter command to clear the statistics of access control list.
Example
# Reset the statistics of access control list 1000.
<SecBlade_FW> reset acl counter 1000
rule Syntax
1 Create or delete a rule of a basic access control list.
rule [ rule-id ] { permit | deny } [ source sour-addr sour-wildcard | any ] [
time-range time-name ] [ logging ] [ fragment ]
undo rule rule-id [ source ] [ time-range ] [ logging ] [ fragment ]
2 Create or delete a rule of an advanced access control list.
rule [ rule-id ] { permit | deny } protocol [ source source-addr source-wildcard |
any ] [ destination dest-addr dest-wildcard | any ] [ source-port operator port1 [
port2 ] ] [ destination-port operator port1 [ port2 ] ] [ icmp-type { icmp-message
| icmp-type icmp-code } ] [ dscp dscp ] [ established ] [ precedence precedence ]
[ tos tos ] [ time-range time-name ] [ logging ] [ fragment ]
undo rule rule-id [ source ] [ destination ] [ source-port ] [ destination-port ] [
icmp-type ] [ dscp ] [ precedence ] [ tos ] [ time-range ] [ logging ] [ fragment
]
3 Create or delete a rule of an interface-based ACL rule.
rule [ rule-id ] { permit | deny } interface { interface-type interface-number | any
} [ time-range time-name ] [ logging ]
undo rule rule-id [ time-range | logging ] *
4 Add/delete a MAC-based ACL rule
rule [ rule-id ] { deny | permit } [ type type-code type-mask | lsap lsap-code
lsap-mask ] [ source-mac sour-addr sour-mask ] [ dest-mac dest-addr dest-mask ]
undo rule rule-id
View
ACL view
Parameter
In the rule command: