Usage Information
NOTE:
The vrf option is available only when VRF feature is enabled.
show ip
accounting
access-lists
Field
Description
“Extended IP...”
Displays the name of the IP ACL.
“seq 5...”
Displays the filter. If the keywords
count
or
byte
were configured in the filter, the
number of packets or bytes the filter processes is displayed at the end of the line.
“order 4”
Displays the QoS order of priority for the ACL entry.
Example
Standard IP ACL Commands
When you create an ACL without any rule and then apply it to an interface, the ACL behavior reflects an implicit permit.
The platform supports both Ingress and Egress IP ACLs.
NOTE:
Also refer to the
Commands Common to all ACL Types
and
sections.
deny
To drop packets with a certain IP address, configure a filter.
Syntax
deny {
source
| any | host {
ip-address
}} [count [bytes] | log] [dscp
value
] [ecn
value
] [fragments] [monitor [
session-ID
]] [no-drop] [order]
To remove this filter, you have two choices:
•
Use the
no seq
sequence-number
command if you know the filter’s sequence number.
•
Use the
no deny {
source
[
mask
] | any | host
ip-address
}
command.
Parameters
source
Enter the IP address in dotted decimal format of the network from which the packet was
sent.
any
Enter the keyword
any
to specify that all routes are subject to the filter.
host
ip-address
Enter the keyword
host
and then enter the IP address to specify a host IP address only.
count
(OPTIONAL) Enter the keyword
count
to count the packets.
bytes
(OPTIONAL) Enter the keyword
bytes
to count the bytes.
log
(OPTIONAL) Enter the keyword
log
to enter ACL matches in the log.
dscp
(OPTIONAL) Enter the keyword
dcsp
to match the IP DSCP values. The range is from 0
to 63.
ecn
(OPTIONAL) Enter the keyword
ecn
to match the ECN bits. The range is from 0 to 3.
order
(OPTIONAL) Enter the keyword
order
to specify the QoS order for the ACL entry. The
range is from 0 to 254 (where 0 is the highest priority and 254 is the lowest; lower-order
Access Control Lists (ACL)
191
Содержание S6100
Страница 1: ...Dell Command Line Reference Guide for the S6100 ON System 9 11 2 0P1 ...
Страница 474: ...protocol list ttl0 ttl1 Dell 474 Control Plane Policing CoPP ...
Страница 979: ... show lldp neighbors display the LLDP neighbors Link Layer Discovery Protocol LLDP 979 ...
Страница 1627: ... uplink state group creates an uplink state group and enables the tracking of upstream links Uplink Failure Detection UFD 1627 ...