User manual
SS2R24G4i/SS2R48G4i
143
Parameters <name>,Interface name
Default None
Command Mode Admin mode
Displayed information Explanation
interface name Ethernet0/0/2 Tying situation on port Ethernet0/0/2
IP Ingress access-list used is
111
No. 111 numeric expansion ACL tied to entrance
of port Ethernet0/0/2
interface name Ethernet0/0/1 Tying situation on port Ethernet0/0/1
IP Ingress access-list used is
10
No. 10 standard expansion ACL tied to entrance
of port Ethernet0/0/1
15.5.1.3 show firewall
Command show firewall
Functions Reveal configuration information of packet filtering functions
Parameters None
Default None
Command Mode Admin mode
Displayed information Explanation
fire wall is enable Packet filtering function enabled
the default action of firewall is permit Default packet filtering function is permit
15.5.1.4 show time-range
Command show time-range<word>
Functions Reveal configuration information of time range functions
Parameters word assign name of time-range needed to be revealed
Default None
15.5.2 ACL Troubleshooting
& The check of list entris in ACL is a top-down behavior, once one entry is mached, the check will be
finished immediately;
& Only when there is no ACL binded or no ACL entry mached on the special direction of the port, the
default rules will be used;
& Each port ingress can bind one MAC-IP ACL or one IP ACL or one MAC ACL;
& Each port egress can bind one MAC-IP ACL or one IP ACL or one MAC ACL
& When two sets of ACL are binded to the ingress and egress simultaneously, the priority of the
egress rules is higher than that of ingress rules; in the same set of ACL, the earlier the rule is
configurated, the higher its priority is;
& When one ACL is binded to egress direction of the port, it can only include deny list entries;
& Only the interfaces on the MASTER switch can support the binding of ACL;