Foundry NetIron M2404C and M2404F Metro Access Switches
Switch Administration (Rev. 03)
Domain Name System (DNS) Resolver © 2008 Foundry Networks, Inc.
Page 78 of 87
Table 32: Named Access List/Class Commands
Command
Description
access-list
Creates a named access list that controls inbound and/or
outbound data traffic according to specified criteria.
show access-lists
Displays the named access lists.
show access-class
Displays the named access class.
Default Access List Configuration
Table 33
shows the default parameters for the named access list.
Table 33: Access List Default Configuration
Parameter
Default Value
Named access list
Not created
Exact match
Disabled
Creating Named Access List
The
access-list
command, in Global Configuration mode, configures a named access list that
controls the inbound and/or outbound data traffic according to criteria specified in the command
arguments. The
no
form of this command removes the specified access list.
The named access list defaults to an implicit deny statement for any condition that has not been
permitted.
Command Syntax
device-name
(config)#
access-list NAME
{
permit
|
deny
}
{
A.B.C.D/M
[
exact-match
] |
any
}
device-name
(config)#
no access-list NAME
[{
permit
|
deny
}
{
A.B.C.D/M
[
exact-match
] |
any
}]
Argument Description
NAME
The access list name (spaces are not allowed and the first character must be a
letter).
permit
Permits access for matching conditions.
deny
Denies access to matching conditions.
A.B.C.D/M
Source IP address and mask.
any
Any IP address.
exact-match
(Optional). Only the IPs with an exact match of the specified argument (used
only for routing protocols).
Example
The following example shows a basic filtering configuration:
device-name
(config)#
access-list filter deny 10.0.0.0/9