Allied Telesis AT-FS970M Series User Manual

AT-FS970M Switch Command Line User’s Guide

1691



To create a numbered IPv4 ACL, see the commands listed in
Table 232.

Use the no form of this command, NO MATCH ACCESS-GROUP, to
remove an access group created with either a group name or a group
number from a class map. See “NO MATCH ACCESS-GROUP” on
page 1724.

Confirmation Command

“SHOW CLASS-MAP” on page 1744

“SHOW RUNNING-CONFIG” on page 166

Examples

The following example creates a named IPv4 ACL access list called
“icmppermit” and matches it to a class map called “cmap1:”

awplus> enable
awplus# configure terminal
awplus(config)# access-list icmppermit
awplus(config-ip-acl)# permit icmp any any
awplus(config-ip-acl)# exit
awplus(config)# class-map cmap1
awplus(config-cmap)# match access-group icmppermit

Table 232. ACCESS-LIST Commands for Creating Numbered IPv4 ACLs

To Do This Task

Use This Command

Create Numbered IPv4 ACLs for ICMP
packets.

“ACCESS-LIST ICMP” on
page 1551

Create Numbered IPv4 ACLs for
source and destination IP addresses.

“ACCESS-LIST IP” on
page 1554

Create Numbered IPv4 ACLs for
packets of specified protocols.

“ACCESS-LIST PROTO”
on page 1558

Create Numbered IPv4 ACLs that filter
ingress packets based on TCP port
numbers.

“ACCESS-LIST TCP” on
page 1563

Create Numbered IPv4 ACLs that filter
ingress packets based on UDP port
numbers.

“ACCESS-LIST UDP” on
page 1567