Access Control List example (Huawei)

Technology: Network Security
Area: ACL
Vendor: Huawei
Software: eNSP
Platform: Huawei switches and routers

An Access Control List (ACL) is a set of rules that classify packets to filter them. An ACL can contain multiple rules. A rule is identified by a rule ID, which can be set by a user or automatically generated based on the ACL step. All rules in an ACL are arranged in ascending order of rule IDs.

To configure ACL, use the following command:


<HuaweiI>system-view
[Huawei]interface GigabitEtherent 0/0/1
[Huawei-interface GigabitEtherent 0/0/1]ip address 10.0.4.1 24
[Huawei-interface GigabitEtherent 0/0/0]quit
[[Huawei] acl 3000
[[Huawei-acl-adv-3000]rule 5 permit tcp source 10.0.4.254 0.0.0.0 destination 119.84.111.3 0.0.0.0 destination-port eq 23
[[Huawei-acl-adv-3000]rule 10 permit ip source 10.0.4.0 0.0.0.0 destination any
[Huawei-acl-adv-3000]rule 15 deny ip[[Huawei-acl-adv-3000]]quit


[Huawei]display acl 3000  
Total quantity of nonempty ACL number is 2
Advanced ACL 3000, 1 rule
Acl's step is 5
rule 15 deny ip source 10.164.2.0 0.0.0.255 destination 119.84.111.3 0 time-range satime(Active)