Operation Manual – ACLH3C S5600 Series Ethernet Switches Chapter 1 ACL Configuration1-12Acl's step is 1rule 0 deny 06 ff 311.2.6 Applying ACLs on PortsBy applying ACLs on ports, you can filter the packets on the corresponding ports.I. Configuration prerequisitesYou need to define an ACL before applying it on a port. For information about definingan ACL, refer to Configuring Basic ACL, Configuring Advanced ACL, Configuring Layer2 ACL, and Configuring User-defined ACL.II. Configuration procedureFollow these steps to apply an ACL on a port:To do... Use the command... RemarksEnter system view system-view —Enter Ethernet portviewinterface interface-typeinterface-number —Apply an ACL on theportpacket-filter inboundacl-ruleRequiredFor information about acl-rule,refer to ACL Commands.III. Configuration example# Apply ACL 2000 on GigabitEthernet 1/0/1 to filter inbound packets. system-view[Sysname] interface GigabitEthernet 1/0/1[Sysname-GigabitEthernet1/0/1] packet-filter inbound ip-group 20001.2.7 Applying ACLs to a VLANBy applying ACLs to a VLAN, you can filter the packets on all the ports in the VLAN.I. Configuration prerequisitesBefore applying ACL rules to a VLAN, you need to define the related ACLs. Forinformation about defining an ACL, refer to Configuring Basic ACL, ConfiguringAdvanced ACL, Configuring Layer 2 ACL, and Configuring User-defined ACL.II. Configuration procedureFollow these steps to apply ACL rules to a VLAN: