Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual
Page 855
IPv4 Hardware Access Control List (ACL) Commands
Software Reference for x310 Series Switches
C613-50046-01 REV A
AlliedWare Plus
TM
Operating System - Version 5.4.4C
34.9
Syntax
[tcp|udp]
access-list <3000-3699>
{copy-to-cpu|copy-to-mirror|send-to-mirror|deny|permit|send-to-
cpu} {tcp|udp}
{eq <sourceport>|lt <sourceport>|gt <sourceport>|ne <sourceport>|
[range <start-range> <end-range>}
[eq
[range <start-range> <end-range>]
no access-list <3000-3699>
Table 34-3: Parameters in the access-list (hardware IP numbered) command - tcp|udp
Parameter
Description
<3000-3699>
Hardware IP access-list.
copy-to-cpu
Specify packets to copy to the CPU.
copy-to-mirror
Specify packets to copy to the mirror port.
send-to-mirror
Specify packets to send to the mirror port.
deny
The access-list rejects packets that match the type, source, and
destination filtering specified with this command.
permit
The access-list permits packets that match the type, source, and
destination filtering specified with this command.
send-to-cpu
Specify packets to send to the CPU.
tcp
The access-list matches only TCP packets.
udp
The access-list matches only UDP packets.
The source address of the packets. You can specify a single host, a
subnet, or all sources. The following are the valid formats for
specifying the source:
any
Matches any source IP address.
host
Matches a single source host with
the IP address given by
in dotted decimal
notation.
<ip-addr>/<prefix>
An IPv4 address, followed by a
forward slash, then the prefix
length. This matches any source
IP address within the specified
subnet.
<ip-addr>
<reverse-mask>
Alternatively, you can enter a
reverse mask in dotted decimal
format. For example, entering
192.168.1.1 0.0.0.255
is
the same as entering
192.168.1.1/24
.