Filter
Top Products
356 CHAPTER 19: ACL CONFIGURATION
Table 367 Activate ACL
Displaying and
Debugging ACL
After the above configuration, execute display command in all views to display the
running of the ACL configuration, and to verify the effect of the configuration.
Execute reset command in User View to clear the statistics of the ACL module.
Table 368 Display and Debug ACL
The matched information of display acl command specifies the rules treated by
the Switch’s CPU.
For syntax description, refer to the Command Reference Manual.
Advanced ACL
Configuration Example
Networking Requirements
The interconnection between different departments on a company network is
implemented through the 1000 Mbps ports of the Switch. The IP address of the
payment query server of the Financial Dept. is 129.110.1.2. Financial Dept is accessed
using GigabitEthernet1/0/50. It is required to properly configure the ACL and limit
Financial Dept access to the payment query server between 8:00 and 18:00.
Networking Diagram
Figure 88 Access Control Configuration Example
Operation Command
Activate an ACL packet-filter { inbound | outbound } { user-group
acl_number [ rule rule ] | ip-group acl_number [ rule rule
[ link-group acl_number rule rule ] ] | link-group
acl_number [ rule rule ] }
Deactivate an ACL undo packet-filter { inbound | outbound } { user-group
acl_number [ rule rule ] | ip-group acl_number [ rule rule
[ link-group acl_number rule rule ] ] | link-group
acl_number [ rule rule ] }
Operation Command
Display the status of the time range display time-range { all | name }
Display the detail information about the
ACL
display acl { all | acl_number }
Display the information about the ACL
running state
display packet-filter { interface {
interface_name | interface_type
interface_num } | unitid unit_id }
Clear ACL counters reset acl counter { all | acl_number }
Administration Department
subnet address
10.120.0.0
Financial Department
subnet address
10.110.0.0
Office of President
129.111.1.2
Pay query server
129.110.1.2
Switch
#1
#4
#3
#2
Connected to a router