Configuring acls (cli), Configuring an ipv4 acl – Dell POWEREDGE M1000E User Manual
Page 562
562
Configuring Access Control Lists
Configuring ACLs (CLI)
This section provides information about the commands you use to create and
configure ACLs. For more information about the commands, see the
PowerConnect M6220/M6348/M8024/M8024-k CLI Reference Guide
at
.
Configuring an IPv4 ACL
Beginning in Privileged EXEC mode, use the following commands to create
an IPv4 ACL, configure rules for the ACL, and bind the ACL to an interface.
NOTE:
The ip access-group command can be issued in Global Configuration
mode or Interface configuration mode. If it is applied in Global Configuration
mode, the ACL binding is applied to all interfaces. If it is applied in Interface
Configuration mode, it is applied only to the specified interfaces within the mode.
Command
Purpose
configure
Enter global configuration mode.
access-list
name {deny |
permit} {every | {[icmp
| igmp | ip | tcp | udp |
number] {srcip srcmask
| any} [eq [
portkey |
portvalue]] {dstip
dstmask | any} [eq
[portkey | portvalue]]
[precedence
precedence
| tos
tos tosmask | dscp
dscp] [log] [time-range
time-range-name]
[assign-queue
queue-id]
[redirect
interface |
mirror
interface]}}
Create a named ACL (if it does not already exist) and
create a rule for the named ACL. If the ACL already exists,
this command creates a new rule for the ACL.
•
list-name — Access-list name up to 31 characters in
length.
• deny | permit — Specifies whether the IP ACL rule
permits or denies an action.
• every — Allows all protocols.
• eq — Equal. Refers to the Layer 4 port number being
used as match criteria. The first reference is source match
criteria, the second is destination match criteria.
•
number — Standard protocol number. Protocol keywords
icmp, igmp, ip, tcp, udp.
•
srcip — Source IP address.
•
srcmask — Source IP mask.
•
dstip — Destination IP address.
•
dstmask — Destination IP mask.