C613-50631-01 Rev A Command Reference for IE340 Series 1961
AlliedWare Plus™ Operating System - Version 5.5.3-0.x
IPV4 HARDWARE ACCESS CONTROL LIST (ACL) COMMANDS
ACCESS
-LIST (NUMBERED HARDWARE ACL FOR TCP OR UDP)
Mode Global Configuration
Default On an interface controlled by a hardware ACL, any traffic that does not explicitly
match a filter is permitted.
Usage notes This command creates an ACL for use with hardware classification. Once you have
configured the ACL, use the access-group or the match access-group command to
apply this ACL to a port, VLAN or QoS class-map.
ACLs numbered in the range 3000-3699 match on packets that have the specified
source and destination IP addresses.
Examples To create an access-list that will permit TCP packets with a destination address of
192.168.1.1, a destination port of 80, and any source address and source port, enter
the commands:
awplus# configure terminal
awplus(config)# access-list 3000 permit tcp any 192.168.1.1/32
eq 80
<ip-addr>/<prefix> Match any destination IP address
within the specified subnet. Specify
the subnet by entering the IPv4
address, then a forward slash, then
the prefix length.
<ip-addr>
<reverse-mask>
Match any destination IP address
within the specified subnet. Specify
the subnet by entering a reverse
mask in dotted decimal format. For
example, entering “192.168.1.1
0.0.0.255” is the same as entering
192.168.1.1/24.
<dest-ports> Match destination TCP or UDP port numbers. Port numbers are
specified as integers between 0 and 65535. You can specify one or
more port numbers as follows:
eq <0-65535> Match a single port number.
lt <0-65535> Match all port numbers that are less
than the specified port number.
gt <0-65535> Match all port numbers that are
greater than the specified port
number.
ne <0-65535> Match all port numbers except the
specified port number.
range <start-port>
<end-port>
Match a range of port numbers.
vlan <1-4094> The VLAN to match against. The ACL will match against the
specified ID in the packet’s VLAN tag.
Parameter Description
To Next Page
Loading...
Need help?
General
