Configuring an ethernet frame header acl – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Page 17
8
Step
Command
Remarks
2.
Create an IPv6 advanced
ACL and enter its view.
acl ipv6 number acl6-number [ name
acl6-name ] [ match-order { auto |
config } ]
By default, no ACL exists.
IPv6 advanced ACLs are
numbered in the range 3000 to
3999.
You can use the acl ipv6 name
acl6-name command to enter the
view of a named IPv6 ACL.
3.
Configure a description
for the IPv6 advanced
ACL.
description text
Optional.
By default, an IPv6 advanced
ACL has no ACL description.
4.
Set the rule numbering
step.
step step-value
Optional.
5 by default.
5.
Create or edit a rule.
rule [ rule-id ] { deny | permit } protocol
[ { { ack ack-value | fin fin-value | psh
psh-value | rst rst-value | syn syn-value |
urg urg-value } * | established } |
counting | destination { dest dest-prefix |
dest/dest-prefix | any } |
destination-port operator port1 [ port2 ]
| dscp dscp | flow-label flow-label-value
| icmp6-type { icmp6-type icmp6-code |
icmp6-message } | source { source
source-prefix | source/source-prefix |
any } | source-port operator port1
[ port2 ] | time-range time-range-name ]
*
By default IPv6 advanced ACL
does not contain any rule.
To create or edit multiple rules,
repeat this step.
6.
Configure or edit a rule
description.
rule rule-id comment text
Optional.
By default, an IPv6 advanced
ACL rule has no rule description.
Configuring an Ethernet frame header ACL
Ethernet frame header ACLs, also called "Layer 2 ACLs," match packets based on Layer 2 protocol
header fields such as source MAC address, destination MAC address, 802.1p priority (VLAN priority),
and link layer protocol type.
To configure an Ethernet frame header ACL:
Step
Command
Remarks
1.
Enter system view.
system-view N/A