H3C S7500 Series Ethernet Switches Operation Manual
Operation Manual – ACL
H3C S7500 Series Ethernet Switches Chapter 1
ACL Configuration
1-10
Table 1-6 Rule information
Parameter Type Function Remarks
protocol
Protocol
type
Type of protocol
over IP
When expressed in
numerals, the value range is
1 to 255.
When expressed with a
name, the value can be
GRE, ICMP, IGMP, IP, IPinIP,
OSPF, TCP, a nd UDP.
source
{ sour-addr
sour-wildcard |
any }
Source
address
information
Specifies the
source address
information in the
rule
sour-addr sour-wildcard is
used to specify the source
address of the packet,
expressed in dotted decimal
notation.
any represents all source
addresses.
destination
{ dest-addr
dest-wildcard |
any }
Destination
address
information
Specifies the
destination
address
information in the
rule
dest-addr dest-wildcard is
used to specify the
destination address of the
packet, expressed in dotted
decimal notation.
any represents all
destination address.
precedence
precedence
Packet
precedence
IP priority Value range: 0 to 7
tos tos
Packet
precedence
ToS priority Value range: 0 to 15
dscp dscp
Packet
precedence
DSCP priority Value range: 0 to 63
fragment
Fragment
information
Specifies that the
ACL rule is
effective for
non-initial fragment
packets
—
time-range
time-name
Time range
information
Specifies the time
range in which the
ACL rule is active
—
Note:
sour-wildcard and dest-wildcard represent the wildcard masks of the destination subnet
masks, provided in dotted decimal notation. For example, if you want to specify the
subnet mask as 255.255.0.0, you need to input 0.0.255.255. The wildcard mask can be
0, representing the host address.