Support User Manuals

3Com 3.01.01 Switch User Manual

Open as PDF

of 356

Displaying and Debugging ACL Configurations 213

Displaying and

Debugging ACL

Configurations

After these configurations are completed, you can use the display command in

any view to view ACL running to check configuration result. You can clear ACL

statistics using the display command in user view.

The display acl config command only displays the ACL matching information

processed by the CPU. You can use the display qos-interface traffic-statistic

command to view the ACL matching information during data forwarding.

ACL Configuration

Example

The intranet is connected through 100 Mbps ports between departments. The

wage server of the financial department is connected through the port

GigabitEthernet7/1/1 (subnet address 129.110.1.2). With proper ACL

configuration, the CEO's office can access the wage server at any time, but other

departments can access it only at work time.

Activate IP group ACL and link group

ACL at same time

packet-filter inbound ip-group { acl-number |

acl-name } { rule rule link-group { acl-number |

acl-name } [ rule rule [ system-index index ] ] |

link-group { acl-number | acl-name } rule rule }

Deactivate IP group ACL and link group

ACL at same time

undo packet-filter inbound ip-group {

acl-number | acl-name } { rule rule link-group {

acl-number | acl-name } [ rule rule ] | link-group {

acl-number | acl-name } rule rule }

Activate link group ACL packet-filter inbound link-group { acl-number |

acl-name } [ rule rule [ system-index index ] ]

Deactivate link group ACL undo packet-filter inbound link-group {

acl-number | acl-name } [ rule rule ]

Table 9 Activating ACL

Operation Command

Table 10 Displaying and debugging ACL configurations

Operation Command

Display time range configuration display time-range { all | name }

Display ACL configuration display acl config { all | acl-number | acl-name }

Display ACL application information display acl running-packet-filter { all | interface

{ interface-name | interface-type interface-num } |

vlan vlan-id }

Display configuration information of

flow template

display flow-template [ default | interface

interface-type interface-num | user-defined | vlan

vlan-id ]

Clear ACL statistics reset acl counter { all | acl-number | acl-name }

previous next