3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide
ACL Configuration Commands 321
# Add a rule to permit hosts in the network segment 129.9.0.0 to send WWW
packet to hosts in the network segment 202.38.160.0.
[SecBlade_FW-acl-adv-3001] rule permit tcp source 129.9.0.0 0.0.255.
255 destination 202.38.160.0 0.0.0.255 destination-port eq www
# Add a rule to deny the WWW access (80) from the host in network segment
129.9.0.0 to the host in network segment 202.38.160.0, and log events that
violate the rule.
[SecBlade_FW-acl-adv-3001] rule deny tcp source 129.9.0.0 0.0.255.
255 destination 202.38.160. 0 0.0.0.255 eq www logging
# Add a rule to permit the WWW access (80) from the host in network segment
129.9.8.0 to the host in network segment 202.38.160.0.
[SecBlade_FW-acl-adv-3001] rule permit tcp source 129.9.8.0 0.0.0.
255 destination 202.38.160.0 0.0.0.255 destination-port eq www
# Add a rule to prohibit all hosts from establishing Telnet (23) connection to the
host with the IP address 202.38.160.1.
[SecBlade_FW-acl-adv-3001] rule deny tcp destination 202.38.160.1 0
destination-port eq telnet
# Add a rule to prohibit create UDP connections with port number greater than
128 from the hosts in network segment 129.9.8.0 to the hosts in network
segment 202.38.160.0
[SecBlade_FW-acl-adv-3001] rule deny udp source 129.9.8.0 0.0.0.255
destination 202.38.160.0 0.0.0.255 destination-port gt 128
rule comment Syntax
rule rule-id comment text
undo rule rule-id comment
View
ACL view
Parameter
rule-id: ID of an existing ACL rule.
comment text: Comment of an ACL rule, a string of up to 128 characters.
Description
Use the rule comment command to add comment to an ACL rule.
Use the undo rule comment command to remove the comment of the ACL rule.
Example
# Add comment to ACL rule 7.