Alliedware plus command – Allied Telesis AT-S63 User Manual

AT-S63 Management Software Command Line User’s Guide

Section II: Advanced Operations

349

Examples

The following command creates an ACL for port 4 that discards the
ingress traffic flow specified in classifier ID 18:

create acl=12 description=”IP flow deny” action=deny
classifierlist=18 portlist=4

The following command creates an ACL that discards the ingress traffic
flows specified in classifier ID 2 and 17 and applies the ACL to ports 2 and
6:

create acl=6 description=”subnet flow deny”
action=deny classifierlist=2,17 portlist=2,6

The following command creates the new ACL 24, which permits on ports 8
to 10 the ingress traffic defined in classifier ID 18:

create acl=24 description=”subnet flow deny”
action=permit classifierlist=18 portlist=8-10

AlliedWare Plus

Command

Syntax

To create access control lists with classifiers that filter ingress packets
based on:



Source IP addresses:

access-list 1-99 permit|deny

ipaddress

/

mask

|any



Destination IP addresses:

access-list 100-155 permit|deny

ipaddress

/

mask

|any



IP protocols:

access-list 156-199 permit|deny icmp|igmp|tcp|udp



Source MAC addresses:

access-list 200-255 permit|deny

macaddress

|any

To add access control lists to ports:

service-policy access

id

To remove access control lists from ports:

no service-policy access

id