beautypg.com

Access-list hardware ip protocol filter) – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Page 870

background image

IPv4 Hardware Access Control List (ACL) Commands

Software Reference for x310 Series Switches

34.24

AlliedWare Plus

TM

Operating System - Version 5.4.4C

C613-50046-01 REV A

(access-list hardware IP protocol filter)

Use this ACL filter to add an IP protocol type filter entry to the current hardware access-list.
The filter will match on any IP packet that has the specified source and destination IP
addresses and IP protocol type, or has the optionally specified source and destination
MAC addresses. The parameter any may be specified if an address does not matter. If a
sequence number is specified, the new filter is inserted at the specified location.
Otherwise, the new filter is added at the end of the access-list.

The no variant of this command removes an IP protocol type filter entry from the current
hardware access-list. You can specify the IP protocol type filter entry for removal by
entering either its sequence number (e.g. no 10), or by entering its IP protocol type filter
profile without specifying its sequence number.

Note that the sequence number can be found by running the

show access-list (IPv4

Hardware ACLs) command on page 34.37

.

Syntax

[any|ip|proto]

[<sequence-number>]

{deny|permit|send-to-cpu|copy-to-cpu|copy-to-mirror}

{any|ip|proto <ip-protocol>}

{<source>|dhcpsnooping|any} {<destination>|any}

[

mac {<mac-source-address> <mac-source-mask>|any]

{<mac-destination-address> <mac-destination-mask>|any}

no {deny|permit|send-to-cpu|copy-to-cpu|copy-to-mirror}

{any|ip|proto <ip-protocol>}

{<source>|dhcpsnooping} {<destination>|any}

[

mac {<mac-source-address> <mac-source-mask>|any]

{<mac-destination-address> <mac-destination-mask>|any}

no <sequence-number>

Parameter

Description

<sequence-number>

<1-65535>
The sequence number for the filter entry of the selected
access control list.

deny

Access-list rejects packets of the type specified.

permit

Access-list allows packets of the type specified

send to cpu

Specify packets to send to the CPU.

copy to cpu

Specify packets to copy to the CPU.

copy to mirror

Specify packets to copy to the mirror port.

ip

IP packets.

any

Any packet.

proto <ip-protocol>

The IP Protocol type specified by it protocol number
<1-255>.

See also other documents in the category Allied Telesis Computer hardware: