9Step Command Remarks1. Enter systemview. system-view N/A2. Create anEthernet frameheader ACLand enter itsview.acl number acl-number[ name acl-name ][ match-order { auto |config } ]By default, no ACL exists.Ethernet frame header ACLs are numbered in therange of 4000 to 4999.You can use the acl name acl-name command to enterthe view of a named Ethernet frame header ACL.3. Configure adescription forthe Ethernetframe headerACL.description textOptional.By default, an Ethernet frame header ACL has no ACLdescription.4. Set the rulenumberingstep.step step-value Optional.The default setting is 5.5. Create or edit arule.rule [ rule-id ] { deny |permit } [ cos vlan-pri |counting | dest-macdest-addr dest-mask | { lsaplsap-type lsap-type-mask |type protocol-typeprotocol-type-mask } |source-mac sour-addrsource-mask | time-rangetime-range-name ] *By default, an Ethernet frame header ACL does notcontain any rule.If the ACL is for QoS traffic classification or packetfiltering, to use the lsap keyword, the lsap-typeargument must be AAAA, and the lasp-type-maskargument must be FFFF. Otherwise, the ACL cannot befunction normally.6. Add or edit arule comment. rule rule-id comment text Optional.By default, no rule comments are configured.7. Add or edit arule rangeremark.rule [ rule-id ] remark text Optional.By default, no rule range remarks are configured.8. Enablecounting ACLrule matchesperformed inhardware.hardware-count enableOptional.Disabled by default.When the ACL is referenced by a QoS policy, thiscommand does not take effect.Copying an ACLYou can create an ACL by copying an existing ACL (source ACL). The new ACL (destination ACL) has thesame properties and content as the source ACL, but not the same ACL number and name.To successfully copy an ACL, make sure that:• The destination ACL number is from the same category as the source ACL number.• The source ACL already exists but the destination ACL does not.Copying an IPv4 ACL