Acl commands, Access-list, 22 acl commands – Dell PowerEdge M605 User Manual

ACL Commands

285

ACL Commands

access-list

Use the access-list command in Global Configuration mode to create an Access Control List
(ACL) that is identified by the parameter list-name.

Syntax

access-list std-list-num {deny | permit} {srcip srcmask | every} [log] [assign-queue queue-id]
[redirect interface | mirror interface]

access-list ext-list-num {deny | permit} {every | {[icmp | igmp | ip | tcp | udp | number]
{srcip srcmask | any} [eq [portkey | portvalue]] {dstip dstmask | any} [eq [portkey |
portvalue]] [precedence precedence | tos tos tosmask | dscp dscp] [log] [assign-queue queue-
id] [redirect interface | mirror interface]}}

no access-list list-name

•

list-name—Access-list name up to 31 characters in length.

•

deny | permit—Specifies whether the IP ACL rule permits or denies an action.

•

every—Allows all protocols.

•

eq—Equal. Refers to the Layer 4 port number being used as match criteria. The first
reference is source match criteria, the second is destination match criteria.

•

number—Standard protocol number. Protocol keywords icmp,igmp,ip,tcp,udp.

•

srcip—Source IP address.

•

srcmask—Source IP mask.

•

dstip—Destination IP address.

•

dstmask—Destination IP mask.

•

portvalue—The source layer 4 port match condition for the ACL rule is specified by the
port value parameter (Range: 0 - 65535).

•

portkey—Or you can specify the portkey, which can be one of the following keywords:
domain, echo, ftp, ftpdata, http, smtp, snmp, telnet, tftp, and www.