Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

IPv4 Software Access Control List (ACL) Commands

Software Reference for x310 Series Switches

C613-50046-01 REV A

AlliedWare Plus

TM

Operating System - Version 5.4.4C

35.9

Syntax

[proto|any|ip]

access-list extended <list-name>

{deny|permit}

{proto <ip-protocol>|any|ip}

{<source>}

{<destination>}

[log]

no access-list extended <list-name>

{deny|permit}

{proto <ip-protocol>|any|ip}

{<source>}

{<destination>}

[log]

Table 35-4: Parameters in the access-list extended (named) command - proto|ip|any

Parameter

Description

<list-name>

A user-defined name for the access-list.

deny

The access-list rejects packets that match the type, source, and
destination filtering specified with this command.

permit

The access-list permits packets that match the type, source, and
destination filtering specified with this command.

proto

Matches only a specified type of IP Protocol.

any

The access-list matches any type of IP packet.

ip

The access-list matches only IP packets.

The source address of the packets. You can specify a single host, a
subnet, or all sources. The following are the valid formats for
specifying the source:

any

Matches any source IP address.

host

Matches a single source host with the IP
address given by in dotted
decimal notation.

<ip-addr>/
<prefix>

An IPv4 address, followed by a forward
slash, then the prefix length. This matches
any source IP address within the specified
subnet.

<ip-addr>
<reverse-mask>

Alternatively, you can enter a reverse mask
in dotted decimal format. For example,
entering 192.168.1.1 0.0.0.255 is
the same as entering 192.168.1.1/24.