1-6From 15:00 Jan/28/2006 to 15:00 Jan/28/2008Configuring Basic ACLA basic ACL filters packets based on their source IP addresses.A basic ACL can be numbered from 2000 to 2999.Configuration prerequisitesz To configure a time range-based basic ACL rule, you need to create the correspondingtime range first. For information about time range configuration, refer to ConfiguringTime Range.z The source IP addresses based on which the ACL filters packets are determined.Configuration procedureFollow these steps to define a basic ACL rule:To do... Use the command... RemarksEnter system view system-view —Create an ACL and enterbasic ACL viewacl number acl-number[ match-order { auto |config } ]Requiredconfig by defaultDefine an ACL rule rule [ rule-id ] { deny | permit }[ rule-string ]RequiredFor information aboutrule-string, refer to ACLCommand.Configure a descriptionstring to the ACL description text OptionalNot configured by defaultNote that:z With the config match order specified for the basic ACL, you can modify any existentrule. The unmodified part of the rule remains. With the auto match order specified forthe basic ACL, you cannot modify any existent rule; otherwise the system will tell youthat the rule cannot be modified.z If you do not specify the rule-id argument when creating an ACL rule, the rule will benumbered automatically. If the ACL has no rules, the rule is numbered 0; otherwise, thenumber of the rule will be the greatest rule number plus one. If the current greatest rulenumber is 65534, however, the system will tell you that the rule cannot be created andyou need to specify a number for the rule.z The content of a modified or created rule cannot be identical with the content of anyexisting rule; otherwise the rule modification or creation will fail, and the systemprompts that the rule already exists.z With the auto match order specified, the newly created rules will be inserted in theexistent ones by depth-first principle, but the numbers of the existent rules areunaltered.