EasyManuals Logo

Allied Telesis IE340 Series User Manual

Allied Telesis IE340 Series
3474 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1959 background imageLoading...
Page #1959 background image
C613-50631-01 Rev A Command Reference for IE340 Series 1959
AlliedWare Plus™ Operating System - Version 5.5.3-0.x
IPV4 HARDWARE ACCESS CONTROL LIST (ACL) COMMANDS
ACCESS
-LIST (NUMBERED HARDWARE ACL FOR TCP OR UDP)
access-list (numbered hardware ACL for TCP
or UDP)
Overview This command creates an access-list for use with hardware classification. The
access-list will match on TCP or UDP packets that have the specified source and
destination IP addresses and optionally, port values. You can use the value any
instead of source or destination IP address if an address does not matter.
Once you have configured the ACL, you can use the access-group or the match
access-group command to apply this ACL to a port, VLAN or QoS class-map.
You can use the optional vlan parameter to match tagged (802.1q) packets.
The no variant of this command removes the specified IP hardware access-list.
Hardware ACLs will permit access unless explicitly denied by an ACL action.
CAUTION: Specifying a “send” action enables you to use ACLs to redirect packets from
their original destination. Use such ACLs with caution. They could prevent control
packets from reaching the correct destination, such as EPSR healthcheck messages
and AMF messages.
Syntax
access-list <3000-3699> <action> {tcp|udp} <source-ip>
[<source-ports>] <dest-ip> [<dest-ports>] [vlan <1-4094>]
no access-list <3000-3699>
The following actions are available for hardware ACLs:
Values for the <action> parameter
deny Reject packets that match the source and destination
filtering specified with this command.
permit Permit packets that match the source and destination
filtering specified with this command.
copy-to-cpu Send a copy of matching packets to the CPU.
copy-to-mirror Send a copy of matching packets to the mirror port.
Use the mirror interface command to configure the mirror
port.
send-to-mirror Send matching packets to the mirror port.
Use the mirror interface command to configure the mirror
port.
send-to-vlan-port
vlan <vid> port
<port-number>
Send matching packets to the specified port, tagged with
the specified VLAN. The specified port must belong to the
specified VLAN.
send-to-cpu Send matching packets to the CPU.

Table of Contents

Other manuals for Allied Telesis IE340 Series

Preview: Installation Guide
Installation Guide136 pages
Preview: Quick Installation Guide
Quick Installation Guide4 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Allied Telesis IE340 Series and is the answer not in the manual?

Allied Telesis IE340 Series Specifications

General IconGeneral
BrandAllied Telesis
ModelIE340 Series
CategorySwitch
LanguageEnglish

Related product manuals