Permit, Example - permitting traffic to interface – Brocade Communications Systems RFS6000 User Manual

Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide

481

53-1001931-01

Standard ACL config commands

15

permit

Standard ACL config commands

Specifies packet to forward

Supported in the following platforms:

•

Mobility RFS4000 Controller

•

Mobility RFS6000 Controller

•

Mobility RFS7000 Controller

Syntax

permit [|any|host ]

{log}

{rule-precedence <1-5000>}

Parameters

Usage Guidelines

Use this command to allow traffic based on the source IP address or network address. The last ACE
in the access list is an implicit deny statement.

Whenever the interface receives the packet, its content is checked against all

the ACEs in the ACL. It is allowed based on the ACL’s configuration.

NOTE

The log option is functional only for router ACLs. The log option displays an informational logging
message about the packet matching the entry sent to the console.

Example - permitting traffic to interface

The example below permits all the traffic that comes to the interface:

RFController(config-std-nacl)#permit any rule-precedence 50

RFController(config-std-nacl)#

[|
any|host ] {log}
{rule-precedence
<1-5000>}

Use with a permit command to allow packets

•

|any|host – The keyword
is the source IP address of the network or host
in dotted decimal format. The is the network mask.
For example, 10.1.1.10/24 indicates the first 24 bits of the
source IP is used for matching.

•

any – any is an abbreviation for a source IP of 0.0.0.0 and
source-mask bits equal to 0

•

host – host is an abbreviation for the exact source
(A.B.C.D format) and source-mask bits equal to 32

•

log – Generates log messages when the packet coming from
the interface matches an ACL entry. Log messages are
generated only for router ACLs.

•

rule-precedence <1-5000> – Defines an integer value
between 1-5000. This value sets the rule precedence in the
ACL.