C613-50631-01 Rev A Command Reference for IE340 Series 2032
AlliedWare Plus™ Operating System - Version 5.5.3-0.x
IPV4 SOFTWARE ACCESS CONTROL LIST (ACL) COMMANDS
(ACCESS-LIST STANDARD NAMED FILTER)
(access-list standard named filter)
Overview This ACL filter adds a source IP address filter entry to a current named standard
access-list. If the sequence number is specified, the new filter entry is inserted at
the specified location. Otherwise, the new entry is added at the end of the
access-list.
The no variant of this command removes a source IP address filter entry from the
current named standard access-list. You can specify the source IP address filter
entry for removal by entering either its sequence number (e.g. no 10), or by
entering its source IP address filter profile without specifying its sequence number
(e.g. no deny any).
Note that you can find the sequence number by running the show access-list (IPv4
Software ACLs) command.
Syntax
[<sequence-number>] {deny|permit} {any|<ip-addr>/<prefix>
[exact-match]}
no <sequence-number>
no {deny|permit} {any|<ip-addr>/<prefix> [exact-match]}
Mode IPv4 Standard ACL Configuration
Default Any traffic controlled by a software ACL that does not explicitly match a filter is
denied.
Usage notes An ACL can be configured with multiple ACL filters using sequence numbers. If the
sequence number is omitted, the next available multiple of 4 will be used as the
sequence number for the new filter. A new ACL filter can be inserted into the
middle of an existing list by specifying the appropriate sequence number.
Parameter Description
<sequence-number> <1-65535>
The sequence number for the filter entry of the
selected access control list.
deny Access-list rejects packets of the source filtering
specified.
permit Access-list allows packets of the source filtering
specified
any Match any source IP address.
<ip-addr>/<prefix> Match the source address of the packets. Specify an
IPv4 address in dotted decimal format, followed by a
forward slash, then the prefix length. This matches any
destination IP address within the specified subnet.
exact-match Specify an exact IP prefix to match on.
To Next Page
Loading...
Need help?
General
