Creating an Interface ACL

You can create an interface ACL and configure parameters for the ACL.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run acl { name interface-based-acl-name { interface | [ interface ] number interface-based-acl-number } | [ number ] interface-based-acl-number } [ match-order { config | auto } ]

    An interface ACL is created.

    The interface ACL number ranges from 1000 to 1999.

  3. (Optional) Run step step

    An ACL increment is set.

    You can use an ACL increment to maintain ACL rules and add new ACL rules conveniently.

    Assume that a user has created four rules numbered from 1 to 4 in an ACL. The user can reconfigure the ACL increment, for example, to 2 by running the step 2 command in the ACL view. The original rule numbers 1, 2, 3, and 4 are renumbered as 2, 4, 6, and 8, respectively. After that, the user can run the rule 3 command to add a rule numbered 3 between the renumbered rules 2 and 4.

  4. (Optional) Run description text

    The ACL description is configured.

    The description command configures a description for an ACL in any of the following situations:

    • A large number of ACLs are configured, and their functions are difficult to identify.
    • An ACL is used at a long interval, and its function may be left forgotten.
    • Names of named ACLs cannot fully explain the ACLs' functions.

  5. Run commit

    The configuration is committed.

Parent Topic: Configuring an Interface ACL
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >