Configuring an IPv4 basic ACL
IPv4 basic ACLs match packets based only on source IP addresses.
To configure an IPv4 basic ACL:
Step | Command | Remarks |
---|---|---|
1. Enter system view. | system-view | N/A |
2. Create an IPv4 basic ACL and enter its view. | acl number acl-number [ name acl-name ] [ match-order { auto | config } ] | By default, no ACL exists. IPv4 basic ACLs are numbered in the range of 2000 to 2999. You can use the acl name acl-name command to enter the view of a named ACL. |
3. Configure a description for the IPv4 basic ACL. | description text | Optional. By default, an IPv4 basic ACL has no ACL description. |
4. Set the rule numbering step. | step step-value | Optional. The default setting is 5. |
5. Create or edit a rule. | rule [ rule-id ] { deny | permit } [ counting | fragment | logging | source { source-address source-wildcard | any } | time-range time-range-name | vpn-instance vpn-instance-name ] * | By default, an IPv4 basic ACL does not include any rule. The logging keyword takes effect only when the module that uses the ACL supports logging. |
6. Add or edit a rule comment. | rule rule-id comment text | Optional. By default, no rule comments are configured. |
7. Add or edit a rule range remark. | rule [ rule-id ] remark text | Optional. By default, no rule range remarks are configured. |