No relevant resource is found in the selected language.
Enterprise
Worldwide
Huawei Global - English
Support Documentation
WLAN AC V200R010C00 Command Reference
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
if-match acl

if-match acl

Function

The if-match acl command configures a matching rule in a traffic classifier based on an Access Control List (ACL).

The undo if-match acl command deletes a matching rule in a traffic classifier based on an ACL.

By default, a matching rule based on an ACL is not configured in a traffic classifier.

Format

if-match [ ipv6 ] acl { acl-number | acl-name }

undo if-match [ ipv6 ] acl { acl-number | acl-name }

Parameters

Parameter

Description

Value

ipv6

Indicates that IPv6 ACLs are matched. If this parameter is not specified, IPv4 ACLs are matched.

-

acl-number

Specifies the number of an ACL.
The value is an integer that ranges from 2000 to 4999. The number of an ACL6 ranges from 2000 to 3999.
  • ACLs numbered 2000 to 2999 are basic ACLs, which are used to classify all packets.
  • ACLs numbered 3000 to 3999 are advanced ACLs, which are used to classify Layer 3 information about the packets.
  • ACLs numbered 4000 to 4999 are layer 2 ACLs, which are used to classify packets based on the source MAC address, destination MAC address, and packet type.
acl-name

Specifies an ACL name.

The value is a string of 1 to 32 case-sensitive characters without spaces. The name starts with a letter and can contain letters, digits, and symbols such as the number sign (#), percentage symbol (%), and hyphen (-).

Views

Traffic classifier view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To classify packets based on the interface, source IP address, destination IP address, protocol over IP, source and destination TCP port numbers, ICMP type and code, and source and destination MAC addresses, reference an ACL. You must first define an ACL and configure rules in the ACL. Then run the if-match acl command to configure a matching rule for traffic classification based on the ACL so that packets matching the same rule are processed in the same manner.

Prerequisites

The following operations must have been performed:

  • Create an ACL and configure rules in the ACL.

  • Create a traffic classifier using the traffic classifier command.

Precautions

Regardless of whether the relationship between rules in the traffic classifier is AND or OR, if an ACL contains multiple rules, the packet that matches only one ACL rule matches the ACL.

You can configure multiple ACL rules in a traffic classifier to match different types of packets. A traffic classifier allows a maximum of 1024 if-match rules on the AC6605, ACU2, AC6805, or AC6800V, and a traffic classifier allows a maximum of 256 if-match rules on the AC6507S, AC6508, or AC6005.

Example

# Define a matching rule for the traffic classifier c1: ACL 2046 is used to match packets.

<AC6605> system-view
[AC6605] acl 2046
[AC6605-acl-basic-2046] rule permit source any
[AC6605-acl-basic-2046] quit
[AC6605] traffic classifier c1 operator and
[AC6605-classifier-c1] if-match acl 2046
Translation
简体中文
Download
Updated: 2021-02-27

Document ID: EDOC1100064351

Views: 3204391

Downloads: 595

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next
Huawei e+ App Huawei e+

Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :