Cisco Nexus 9000 Series
Step 2
Command or Action: Enter one of the following commands:
    ip access-list name
    ipv6 access-list name
Example:
    switch(config)# ip access-list acl-01
    switch(config-acl)#
Purpose: Enters IP ACL configuration mode for the ACL that you specify by name.

Step 3
Command or Action: (Optional) [sequence-number] {permit | deny} protocol source destination
Example:
    switch(config-acl)# 100 permit ip 192.168.2.0/24 any
Purpose: Creates a rule in the IP ACL. Using a sequence number allows you to specify a position for the rule in the ACL. Without a sequence number, the rule is added to the end of the rules. The sequence-number argument can be a whole number between 1 and 4294967295.
The permit and deny commands support many ways of identifying traffic.

Step 4
Command or Action: (Optional) [no] fragments {permit-all | deny-all}
Example:
    switch(config-acl)# fragments permit-all
Purpose: Optimizes fragment handling for noninitial fragments. When a device applies to traffic an ACL that contains the fragments command, the fragments command only matches noninitial fragments that do not match any explicit permit or deny commands in the ACL.
The no option removes fragment-handling optimization.

Step 5
Command or Action: (Optional) no {sequence-number | {permit | deny} protocol source destination}
Example:
    switch(config-acl)# no 80
Purpose: Removes the rule that you specified from the IP ACL.
The permit and deny commands support many ways of identifying traffic.

Step 6
Command or Action: (Optional) [no] statistics per-entry
Example:
    switch(config-acl)# statistics per-entry
Purpose: Specifies that the device maintains global statistics for packets that match the rules in the ACL.
The no option stops the device from maintaining global statistics for the ACL.

Step 7
Command or Action: (Optional) Enter one of the following commands:
    show ip access-lists name
    show ipv6 access-lists name
Example:
    switch(config-acl)# show ip access-lists acl-01
Purpose: Displays the IP ACL configuration.

Step 8
Command or Action: (Optional) copy running-config startup-config
Example:
    switch(config-acl)# copy running-config startup-config
Purpose: Copies the running configuration to the startup configuration.
Related Topics
Changing Sequence Numbers in an IP ACL, on page 238
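
The following is an added example, not part of the Cisco guide: a simplified Python model of how the steps above interact (sequence-number ordering, appending without a number, `no 80`, and the `fragments` fallback). The `IpAcl` class and its method names are hypothetical, only `ip` protocol rules are modelled, and the model assumes that an unnumbered rule receives a sequence number 10 above the last rule and that an ACL ends in an implicit deny.

```python
import ipaddress
MAX_SEQ = 4294967295  # upper bound for sequence-number given in Step 3

class IpAcl:
    """Simplified model of one IP ACL: ordered rules plus the fragments setting."""
    def __init__(self):
        self.rules = {}          # sequence number -> (action, source, destination)
        self.fragments = None    # None, "permit-all" or "deny-all"

    def add(self, action, source, destination, seq=None):
        if seq is None:
            # Assumption: an unnumbered rule is appended 10 above the last rule.
            seq = max(self.rules, default=0) + 10
        if not 1 <= seq <= MAX_SEQ:
            raise ValueError("sequence number out of range")
        self.rules[seq] = (action, _net(source), _net(destination))
        return seq

    def remove(self, seq):       # models 'no <sequence-number>'
        del self.rules[seq]

    def evaluate(self, src, dst, noninitial_fragment=False):
        src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        for seq in sorted(self.rules):               # lowest sequence number first
            action, s_net, d_net = self.rules[seq]
            if src in s_net and dst in d_net:
                return action, seq
        # The fragments command is consulted only when no explicit rule matched.
        if noninitial_fragment and self.fragments:
            return self.fragments.split("-")[0], "fragments"
        return "deny", "implicit"                    # assumed implicit deny

def _net(spec):
    return ipaddress.ip_network("0.0.0.0/0" if spec == "any" else spec)

def demo():
    # Constructed rules; only "100 permit ip 192.168.2.0/24 any" is from the page.
    acl = IpAcl()
    acl.add("deny", "192.168.2.128/25", "any", seq=80)
    acl.add("permit", "192.168.2.0/24", "any", seq=100)
    appended = acl.add("permit", "10.0.0.0/8", "any")      # no sequence number
    acl.fragments = "permit-all"
    before = acl.evaluate("192.168.2.200", "10.1.1.1")     # hits rule 80
    acl.remove(80)                                          # 'no 80'
    after = acl.evaluate("192.168.2.200", "10.1.1.1")      # now hits rule 100
    frag = acl.evaluate("172.16.0.5", "10.1.1.1", noninitial_fragment=True)
    whole = acl.evaluate("172.16.0.5", "10.1.1.1")
    return appended, before, after, frag, whole

if __name__ == "__main__":
    print(demo())
```

The last two results show the security-relevant effect of `fragments permit-all`: a noninitial fragment from a source that no explicit rule covers is permitted, while an unfragmented packet from the same source is dropped.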
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
Configuring IP ACLs
Changing an IP ACL
