The acl name command creates a user ACL and displays the ACL view. If a user ACL already exists, this command directly displays the ACL view.
The undo acl name command deletes a created user ACL.
By default, no user ACL has been created.
Parameter | Description | Value |
---|---|---|
ucl | Creates a user ACL with a keyword. | - |
match-order | Indicates the order in which user ACL rules are matched. | - |
auto | Indicates the automatic order, meaning that ACL rules are matched based on the depth-first principle. | - |
config | Indicates the configuration order, meaning that ACL rules are matched in the order they are configured. This mechanism applies only when rule numbers are not specified. If rule numbers are specified, the ACL rules are matched based on the numbers in ascending order. | - |
name ucl-acl-name | Creates a user ACL with a name. | The value is a string of 1 to 64 case-sensitive characters. Spaces are not supported. |
number ucl-acl-number | Creates a user ACL with a number. | The value is an integer ranging from 6000 to 9999. |
Usage Scenario
Packets can be matched based on the source/destination IP address, source/destination service group, source/destination user group, source/destination port number, and protocol type. To create a user ACL, run the acl command.
Configuration Impact
The undo acl all command deletes all types of ACLs on a device. If the ACLs being deleted are applied to services, these services are interrupted. Before deleting an ACL, ensure that the ACL is not referenced by services.
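One way to check that a user ACL is not referenced before it is deleted, as an added example that is not part of the original reference page or the vendor's tooling. The saved-configuration text is constructed, and its exact line syntax (including the classifier line that references the ACL) is an assumption.

```python
import re

# Constructed sample of a saved configuration (not taken from a real device).
# The exact line syntax, including the classifier that references the ACL,
# is an assumption made for this example.
SAMPLE_CONFIG = """\
acl name ucl-web number 6001 match-order config
 description Web access for the staff user group
 rule 5 permit ip
#
acl name ucl-guest number 6002
 rule 5 deny ip
#
traffic classifier c-web
 if-match acl name ucl-web
#
"""


def acl_references(config, name, number):
    """Return (line_no, text) for each line outside the ACL's own
    definition block that mentions the ACL by name or by number."""
    by_name = r"\bacl\s+name\s+" + re.escape(name) + r"(?!\S)"
    by_number = r"\bacl\s+(?:number\s+)?" + str(number) + r"(?!\S)"
    mention = re.compile(by_name + "|" + by_number)
    definition = re.compile(r"acl\s+(?:name\s+" + re.escape(name)
                            + r"|(?:number\s+)?" + str(number) + r")(?!\S)")
    hits, in_definition = [], False
    for line_no, line in enumerate(config.splitlines(), start=1):
        if not line.startswith(" "):
            # An unindented line opens a new view; note whether it is
            # the definition of the ACL being checked.
            in_definition = definition.match(line) is not None
        if not in_definition and mention.search(line):
            hits.append((line_no, line.strip()))
    return hits


def safe_to_delete(config, name, number):
    """True only when nothing else in the configuration uses the ACL."""
    return not acl_references(config, name, number)


if __name__ == "__main__":
    for acl_name, acl_number in (("ucl-web", 6001), ("ucl-guest", 6002)):
        refs = acl_references(SAMPLE_CONFIG, acl_name, acl_number)
        print(acl_name, "referenced at", refs if refs else "no lines")
```

Run against a current export of the device configuration, any returned line is a service that would be interrupted by deleting the ACL.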
Follow-up Procedure
Run the rule command to configure a rule for a created user ACL. Then the ACL rule can be applied to match packets.
Run the description command to configure a description for a created user ACL. The description can state the functions of the user ACL, which makes the ACL easier to apply.