
Ip acls, Table 4-32, Access control list commands – Accton Technology ES4512C User Manual

Page 277: Table 4-33, Ip acl commands


Access Control List Commands


3. User-defined rules in the Ingress MAC ACL for ingress ports.
4. User-defined rules in the Ingress IP ACL for ingress ports.
5. Explicit default rule (permit any any) in the ingress IP ACL for ingress ports.
6. Explicit default rule (permit any any) in the ingress MAC ACL for ingress ports.
7. If no explicit rule is matched, the implicit default is permit all.

Masks for Access Control Lists

You must specify masks that control the order in which ACL rules are checked. The
switch includes two system default masks that pass/filter packets matching the
permit/deny rules specified in an ingress ACL. You can also configure up to
seven user-defined masks for an ACL. A mask must be bound exclusively to one of
the basic ACL types (i.e., Ingress IP ACL, Egress IP ACL, Ingress MAC ACL or
Egress MAC ACL), but a mask can be bound to up to four ACLs of the same type.

IP ACLs

Table 4-32. Access Control List Commands

| Command Groups | Function | Page |
|---|---|---|
| IP ACLs | Configures ACLs based on IP addresses, TCP/UDP port number, protocol type, and TCP control code | 4-87 |
| MAC ACLs | Configures ACLs based on hardware addresses, packet format, and Ethernet type | 4-101 |
| ACL Information | Displays ACLs and associated rules; shows ACLs assigned to each port | 4-111 |

Table 4-33. IP ACL Commands

| Command | Function | Mode | Page |
|---|---|---|---|
| access-list ip | Creates an IP ACL and enters configuration mode | GC | 4-88 |
| permit, deny | Filters packets matching a specified source IP address | STD-ACL | 4-89 |
| permit, deny | Filters packets meeting the specified criteria, including source and destination IP address, TCP/UDP port number, protocol type, and TCP control code | EXT-ACL | 4-90 |
| show ip access-list | Displays the rules for configured IP ACLs | PE | 4-92 |
| access-list ip mask-precedence | Changes to the mode for configuring access control masks | GC | 4-92 |
| mask | Sets a precedence mask for the ACL rules | IP-Mask | 4-93 |
| show access-list ip mask-precedence | Shows the ingress or egress rule masks for IP ACLs | PE | 4-96 |
| ip access-group | Adds a port to an IP ACL | IC | 4-97 |
| show ip access-group | Shows port assignments for IP ACLs | PE | 4-97 |
| map access-list ip | Sets the CoS value and corresponding output queue for packets matching an ACL rule | IC | 4-98 |
| show map access-list ip | Shows CoS value mapped to an access list for an interface | PE | 4-99 |
