undo rule (Advanced ACL view)

Function

The undo rule command deletes an ACL rule in the advanced ACL view.

By default, no advanced ACL rule is created and no description is configured for an ACL rule.

Format

undo rule rule-id { destination | destination-port | dscp | fragment-type | icmp-type | precedence | source | source-port | time-range | tos | vpn-instance | tcp-flag | source-pool | destination-pool | vxlan | ttl | packet-length | source-port-pool | destination-port-pool } *

undo rule rule-id description

Parameters

Parameter Description Value
destination

Matches packets based on destination IP addresses.

-
destination-port

Specify destination port.

-
dscp

Matches packets based on the 6-bit DSCP field in an IPv4 packet as defined in standard protocols.

-
fragment-type

Matches packets based on the fragment type of the packets.

-
icmp-type

Matches ICMP packets based on the ICMP type and message code.

-
precedence

Matches packets based on the high-order 3-bit ToS field in an IP packet as defined in standard protocols.

-
source

Matches packets based on source IP addresses.

-
source-port

Specify source port.

-
time-range

Specifies a time range during which an ACL rule takes effect.

-
tos

Matches packets based on the 4-bit ToS field in an IPv4 packet as defined in standard protocols.

-
vpn-instance

Matches packets based on a VPN instance name.

-
tcp-flag

Specifies the TCP-flag field.

-
source-pool

Specifies an advanced ACL source IP address pool.

-
destination-pool

Specifies the name of an ACL destination port pool.

-
vxlan

Matches virtual extensible LAN (VXLAN) packets.

-
ttl

Matches packets based on a specified TTL value.

-
packet-length

Matches packets based on the packet length.

-
source-port-pool

Specify source port pool.

-
destination-port-pool

Specify destination port pool.

-
undo

Cancel current setting.

-
rule rule-id

Specifies the ID of an ACL rule.

The value is an integer ranging from 0 to 4294967294.
description

Specify rule description.

-

Views

Advanced ACL view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
acl write

Usage Guidelines

Usage Scenario

Run the rule description command to configure a description for an ACL in any of the following situations:

  • A large number of ACLs are configured, and their functions are difficult to identify.
  • An ACL is used at a long interval, and its function may be left forgotten.

    To delete the description of an ACL rule, run the undo rule description command.

Prerequisites

An ACL rule has been created using the rule command.

Precautions

If the description of an ACL rule is not configured, the ACL rule may be misunderstood or misused.

Example

# Configure a description for an advanced ACL rule numbered 23, delete the description of an ACL rule.
<HUAWEI> system-view
[~HUAWEI] acl 3100
[*HUAWEI-acl4-advance-3100] rule 23 deny tcp source 1.1.1.1 24
[*HUAWEI-acl4-advance-3100] rule 23 description This rule is used to filter packets according to the source IP address.
[*HUAWEI-acl4-advance-3100] undo rule 23 description
Parent Topic: ACL Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >