H3C S7500 Series Ethernet Switches Operation Manual
Operation Manual – ACL
H3C S7500 Series Ethernet Switches Chapter 1
ACL Configuration
1-16
Table 1-14 Rule information
Parameter Type Function Remarks
protocol-type
Protocol type
Defines the
protocol type over
Ethernet frames
protocol-type: the value
can be ip, arp, rarp, ipx,
nbx, pppoe-control, or
pppoe-data. When the
protocol type is arp, the
rules cannot match the
ARP packets with the
destination MAC address
as the MAC address of
Layer 3 interface or with
the destination MAC
address being all Fs.
format-type
Link layer
encapsulation
type
Defines the link
layer
encapsulation type
in the rule
format-type: the value can
be 802.3/802.2, 802.3,
ether_ii, or snap.
ingress
{ { source-vla
n-id |
source-mac-
addr
[ source-mac
-mask ] }* |
any }
Source MAC
address
information
Specifies the
source MAC
address range in
the ACL rule
source-mac-addr: source
MAC address, in the
format of H-H-H
source-mac-mask: source
MAC address mask, in the
format of H-H-H, defaults
to ffff-ffff-ffff.
source-vlan-id: source
VLAN ID, in the range of 1
to 4,094
any represents all packets
received from all ports.
egress
{ dest-mac-a
ddr
[ dest-mac-m
ask ] | any }
Destination
MAC address
information
Specifies the
destination MAC
address range in
the ACL rule
dest-mac-addr:
destination MAC address,
in the format of H-H-H
dest-mac-mask:
destination MAC address
mask, in the format of
H-H-H, defaults to
ffff-ffff-ffff.
any represents all packets
forwarded by all ports.
cos cos
Priority
Defines the 802.1p
priority of the ACL
rule
cos: ranges from 0 to 7
time-range
time-name
Time range
information
Specifies the time
range in which the
rule is active
time-name: name of a
time range in which the
ACL rule is active; a string
of 1 to 32 characters