206
ACL Commands
access-list
Use the
access-list
command in Global Configuration mode to create an
Access Control List (ACL) that is identified by the parameter
list-name
.
Syntax
access-list
std-list-num
{
deny
|
permit
} {
srcip
srcmask
|
every
} [
log
]
[
assign-queue
queue-id
] [
redirect
interface
|
mirror
interface
]
access-list
ext-list-num
{
deny
|
permit
} {
every
| {[
icmp
|
igmp
|
ip
|
tcp
|
udp
|
number
] {
srcip
srcmask
|
any
} [
eq
[
portkey
|
portvalue
]] {
dstip
dstmask
|
any
} [
eq
[
portkey
|
portvalue
]] [
precedence
precedence
|
tos
tos
tosmask
|
dscp
dscp
] [log] [
assign-queue
queue-id
] [
redirect
interface
|
mirror
interface
]}}
no access-list
list-name
•
list-name
— Access-list name up to 31 characters in length.
•
deny | permit
— Specifies whether the IP ACL rule permits or denies an
action.
•
every
— Allows all protocols.
•
eq
— Equal. Refers to the Layer 4 port number being used as match
criteria. The first reference is source match criteria, the second is
destination match criteria.
•
number
— Standard protocol number. Protocol keywords
icmp,igmp,ip,tcp,udp.
•
srcip
— Source IP address.
•
srcmask
— Source IP mask.
•
dstip
— Destination IP address.
•
dstmask
— Destination IP mask.
•
portvalue
— The source layer 4 port match condition for the ACL rule is
specified by the port value parameter (Range: 0–65535).
•
portkey
— Or you can specify the
portkey
, which can be one of the
following keywords: domain, echo, ftp, ftpdata, http, smtp, snmp, telnet,
tftp, and www.
• log — Specifies that this rule is to be logged.
Содержание PowerConnect 6224
Страница 54: ...54 Contents show ip https 1369 state 1370 ...
Страница 134: ...134 Command Groups ...
Страница 186: ...186 Using the CLI ...
Страница 216: ...216 ACL Commands ...
Страница 236: ...236 Address Table Commands ...
Страница 250: ...250 CDP Interoperability Commands ...
Страница 256: ...256 DHCP Layer 2 Relay Commands Example console config dhcp l2relay vlan 10 340 345 ...
Страница 284: ...284 Dynamic ARP Inspection Commands ...
Страница 318: ...318 Ethernet Configuration Commands ...
Страница 330: ...330 GVRP Commands ...
Страница 344: ...344 IGMP Snooping Commands ...
Страница 368: ...368 IP Addressing Commands ...
Страница 378: ...378 IPv6 Access List Commands ...
Страница 386: ...386 IPv6 MLD Snooping Querier Commands MLD Version Indicates the version of MLD ...
Страница 393: ...LACP Commands 393 Oper Key 29 Partner System Priority 0 MAC Address 000000 000000 Oper Key 14 ...
Страница 394: ...394 LACP Commands ...
Страница 404: ...404 Link Dependency Commands ...
Страница 432: ...432 LLDP Commands ...
Страница 446: ...446 Port Monitor Commands 1 Enable 1 g10 1 g8 Rx Tx ...
Страница 572: ...572 TACACS Commands ...
Страница 610: ...610 VLAN Commands ...
Страница 616: ...616 Voice VLAN Commands ...
Страница 618: ...618 802 1x Commands 802 1x Option 81 radius server attribute 4 ...
Страница 643: ...802 1x Commands 643 console show dot1x advanced ethernet 1 g2 Port Guest Unauthenticated VLAN Vlan 1 g2 10 20 ...
Страница 656: ...656 ARP Commands IP Address MAC Address Interface Type Age console ...
Страница 678: ...678 DHCPv6 Commands DHCPv6 Relay forward Packets Transmitted 0 Total DHCPv6 Packets Transmitted 0 ...
Страница 822: ...822 IPv6 Routing Commands ...
Страница 826: ...826 Loopback Interface Commands ...
Страница 828: ...828 Multicast Commands show ip pimsm rphash show ip pimsm rp mapping ...
Страница 854: ...854 Multicast Commands ...
Страница 930: ...930 OSPF Commands ...
Страница 933: ...OSPFv3 Commands 933 show ipv6 ospf virtual link show ipv6 ospf virtual link brief ...
Страница 1004: ...1004 PIM SM Commands ...
Страница 1014: ...1014 Router Discovery Protocol Commands ...
Страница 1036: ...1036 Tunnel Interface Commands console config interface tunnel 1 console config if tunnel1 tunnel source vlan 11 ...
Страница 1037: ...Virtual LAN Routing Commands 1037 50 Virtual LAN Routing Commands This chapter explains the following command show ip vlan ...
Страница 1054: ...1054 Autoconfig Commands boot host dhcp boot host retry count show boot ...
Страница 1058: ...1058 Autoconfig Commands ...
Страница 1094: ...1094 Captive Portal Commands ...
Страница 1110: ...1110 Clock Commands ...
Страница 1130: ...1130 Configuration and Image File Commands ...
Страница 1142: ...1142 Denial of Service Commands ...
Страница 1162: ...1162 Password Management Commands aging enabled aging value 30 days User lockout enabled User lockout attempts 3 ...
Страница 1178: ...1178 Power Over Ethernet Commands ...
Страница 1220: ...1220 Serviceability Tracing Packet Commands ...
Страница 1232: ...1232 Sflow Commands ...
Страница 1262: ...1262 SNMP Commands ...
Страница 1346: ...1346 System Management Commands 4 5 ...
Страница 1350: ...1350 Telnet Server Commands ...
Страница 1351: ...User Interface Commands 1351 70 User Interface Commands This chapter explains the following commands enable end exit quit ...
Страница 1372: ...1372 Web Server Commands ...