The if-match acl command configures an ACL to filter packets.
The undo if-match acl command cancels the configuration.
By default, no ACL is configured to filter packets.
| Parameter | Description | Value |
|---|---|---|
| acl-number |
Specifies an ACL number. |
The value is an integer ranging from 3000 to 3999, only for the IPv4 type ACL. |
| name acl-name |
Specifies an ACL name. |
The value is a string of 1 to 64 case-sensitive characters without spaces. The value must start with a letter (a to z or A to Z, case sensitive). |
Usage Scenario
You can define an ACL to classify packets based on the interface number, source IP address, destination IP address, IP bearer protocol type, TCP source port, TCP destination port, and ICMP message type and code, source MAC address, or destination MAC address. To configure an ACL to filter packets, run the if-match acl command.
Prerequisites
An advanced ACL has been created using the acl (advanced ACL view) command, and rules have been created using the rule (advanced ACL view) command.
Follow-up Procedure
Configure an action for the PBR policy, and apply the PBR policy to an interface.
<HUAWEI> system-view [~HUAWEI] acl 3101 [*HUAWEI-acl4-advance-3101] rule deny ip source 10.1.1.1 0 destination 10.2.1.1 0 [*HUAWEI-acl4-advance-3101] quit [*HUAWEI] policy-based-route policy1 permit node 10 [*HUAWEI-policy-based-route-policy1-10] if-match acl 3101