Cisco mds 9124 - fabric switch

Cisco mds 9124 - fabric switch

1550 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

Send documentation comments to mdsfeedback-doc@cisco.com

11-44

Cisco MDS 9000 Family Command Reference

OL-16217-01, Cisco MDS SAN-OS Release 3.x

Chapter 11 I Commands

ip access-list

Defaults Denied.

Command Modes Configuration mode.

Command History

Usage Guidelines Using the log-deny option at the end of the individual ACL entries shows the ACL number and whether

the packet was permitted or denied, in addition to port-specific information. This option causes an

information logging message about the packet that matches the dropped entry (or entries).

Examples The following example configures the an IP-ACL called aclPermit and permits IP traffic from any source

address to any destination address.

switch# config terminal

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)# ip access-list aclPermit permit ip any any

operator Compares source or destination ports to the packet and has the following

options:

any = Any destination IP

eq = Equal source port

gt = Greater than and including source port

lt = Less than and including source port

range port = Source port range port-value

port port-value Specifies the decimal number (ranging from 0 to 65535) or one of the

following names to indicate a TCP or UDP port.

The TCP port names are: dns, ftp, ftp-data, http, ntp, radius, sftp, smtp, snmp,

snmp-trap, ssh, syslog, tacacs-ds, telnet, wbem-http, wbem-https, and www.

The UDP port names are: dns, ftp, ftp-data, http, ntp, radius, sftp, smtp,

snmp, snmp-trap, ssh, syslog, tacacs-ds, telnet, tftp, wbem-http, wbem-https,

and www.

icmp-type icmp-value Filters ICMP packets by ICMP message type. The range is 0 to 255. The

types include: echo, echo-reply, redirect, time-exceeded, traceroute, and

unreachable.

established Indicates an established connection for the TCP protocol. A match occurs if

the TCP datagram has the ACK, FIN, PSH, RST, SYN or URG control bits

set. The non-matching case is that of the initial TCP datagram to form a

connection.

tos tos-value Filters packets by the following type of service level: normal-service (0),

monetary-cost (1), reliability (2), throughput (4), and delay (8).

log-deny Sends an information logging message to the console about the packet that is

denied entry.

Release Modification

1.2(1) This command was introduced.

Table of Contents

Related product manuals

Preview: 9134 - MDS Multilayer Fabric Switch

9134 - MDS Multilayer Fabric Switch

Preview: Cisco MDS 9148

Cisco MDS 9132T

Preview: Cisco MDS 9148T

Cisco MDS 9148T

Preview: Cisco MDS 9148V-K9

Cisco MDS 9148V-K9

Preview: Cisco MDS 9100 Series

Cisco MDS 9100 Series

Preview: Cisco MDS 9000

Preview: Cisco MDS 9396T

Cisco MDS 9396T

Preview: Cisco MDS 9000 Series

Cisco MDS 9000 Series

Cisco MDS 9700 Series

Cisco MS225-48FP

Preview: Cisco MCS 7800 Series

Cisco MCS 7800 Series