C613-50631-01 Rev A Command Reference for IE340 Series 2028
AlliedWare Plus™ Operating System - Version 5.5.3-0.x
IPV4 SOFTWARE ACCESS CONTROL LIST (ACL) COMMANDS
ACCESS
-LIST STANDARD (NAMED)
access-list standard (named)
Overview This command configures a standard named access-list that permits or denies
packets from a specific source IP address. You can:
• use this command to enter a new or existing ACL name and enter the IPv4
Standard ACL Configuration mode. Once in that mode, you can create an
ACL filter entry using the command (access-list standard named filter). This
approach lets you give the entry a sequence number.
• or, use this command to create an ACL and an ACL filter entry at the same
time. With this approach, you cannot give the entry a sequence number, so
the entry will go after any existing entries.
The no variant of this command removes a specified standard named access-list.
Syntax [to enter
the sub-mode]
access-list standard <standard-acl-name>
no access-list standard <standard-acl-name>
Syntax [to create
an ACL entry]
access-list standard <standard-acl-name> {deny|permit}
{any|<ip-addr>/<prefix>}
no access-list standard <standard-acl-name> {deny|permit}
{any|<ip-addr>/<prefix>}
Mode Global Configuration
Default Any traffic controlled by a software ACL that does not explicitly match a filter is
denied.
Usage notes Use this command when configuring a standard named access-list for filtering IP
software packets.
You can either create access-lists from within this command, or you can enter
access-list standard followed by only the name. Entering only the name moves
you to the IPv4 Standard ACL Configuration mode for the selected access-list. From
Parameter Description
<standard-acl-name> Specify a name for the standard access-list.
deny The access-list rejects packets that match the source
filtering specified with this command.
permit The access-list permits packets that match the source
filtering specified with this command.
any Match any source IP address.
<ip-addr>/<prefix> Match the source address of the packets. Specify an IPv4
address in dotted decimal format, followed by a forward
slash, then the prefix length. This matches any destination
IP address within the specified subnet.
To Next Page
Loading...
Need help?
General
