C613-50631-01 Rev A Command Reference for IE340 Series 1976
AlliedWare Plus™ Operating System - Version 5.5.3-0.x
IPV4 HARDWARE ACCESS CONTROL LIST (ACL) COMMANDS
(NAMED HARDWARE ACL ENTRY FOR ICMP)
new filter entry into the middle of an existing list by specifying the appropriate
sequence number. If you do not specify a sequence number, the switch puts the
entry at the end of the ACL and assigns it the next available multiple of 4 as its
sequence number.
Then use the access-group or the match access-group command to apply this ACL
to a port, VLAN or QoS class-map. Note that the ACL will only apply to incoming
data packets.
Examples To add an access-list filter entry with a sequence number of 100 to the access-list
named “my-list” that will permit ICMP packets with a source address of
192.168.1.0/24, any destination address and an ICMP type of 5, use the commands:
awplus# configure terminal
awplus(config)# access-list hardware my-list
awplus(config-ip-hw-acl)# 100 permit icmp 192.168.1.0/24 any
icmp-type 5
To remove an access-list filter entry with a sequence number of 100 from the
access-list named “my-list”, use the commands:
awplus# configure terminal
awplus(config)# access-list hardware my-list
awplus(config-ip-hw-acl)# no 100
Related
commands
access-group
access-list hardware (named hardware ACL)
match access-group
show running-config
show access-list (IPv4 Hardware ACLs)
Command
changes
Version 5.5.3-0.1: deny-and-not-cpu action parameter added on x230, x550, x930,
x950, SBx908 GEN2 Series switches
Version 5.5.3-0.1: log parameter added on x220, x320, x530, x550, x950, SBx908
GEN2 Series switches
Version 5.4.7-2.1: send-to-vlan-port action parameter added on GS900MX,
GS980MX, XS900MX, SBx8100, SBx908 GEN2, x950 Series switches
Version 5.4.6-2.1: send-to-vlan-port action parameter added on IX5, x230, x310,
x510, x930 Series switches
To Next Page
Loading...
Need help?
General
