step step-value
The step value between ACL rule IDs is set.
By default, the step value is 5.
Step 2 Run:
rule { permit | deny } [ l2-protocol type-value [ type-mask ] | destination-mac
dest-mac-address [ dest-mac-mask ] | source-mac source-mac-address [ source-mac-
mask ] | vlan-id vlan-id [ vlan-id-mask ] | 8021p 802.1p-value | [ time-range time-
range-name ] ]
*
A Layer 2 ACL is configured.
To configure multiple rules, repeat this step.
NOTE
If the rule ID is not specified, the step value is used as the start rule ID.
If different rules are ANDed or ORed, configure a correct matching order to prevent incorrect configurations.
Step 3 (Optional) Run:
rule rule-id description text
The description of the Layer 2 ACL rule is configured.
The description of an ACL rule describes the function or usage of the ACL rule. It is used to
differentiate ACL rules.
----End
Follow-up Procedure
After a Layer 2 ACL rule is configured, perform the following operations as required:
l Run the step command to change the step value.
l Run the rule command with rule-id specified to add a new rule between existing rules when
the configuration order is used.
10.5.5 Applying a Layer 2 ACL
A Layer 2 ACL can be applied to some services and functions to classify packets.
Prerequisites
A Layer 2 ACL has been created and rules have been configured in the Layer 2 ACL.
Context
A Layer 2 ACL can be applied to the following services and functions:
l Traffic classifier
l Blacklist for local attack defense feature
l Packet filtering on an interface.
Procedure
l Apply a Layer 2 ACL to a traffic classifier.
Huawei AR1200-S Series Enterprise Routers
Configuration Guide - Security 10 ACL Configuration
Issue 02 (2012-03-30) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
206
To Next Page
Loading...
Need help?
General
