2.6.4 ACL Command
Switch(config)# acl [1-192]
A total of 192 ACL rules can be created. Use this command to enter ACL configuration mode for a rule. Once in a rule's configuration mode, you can configure the detailed settings for that rule.
Switch(config-acl-RULE)# action [deny | copy(mirror) | permit | redirect]
Specify the action applied to ACL-matched packets.
Switch(config-acl-RULE)# action-port [port]
Specify the port (1~28) that matched packets are copied (mirrored) or redirected to.
Switch(config-acl-RULE)# apply
Apply the specified rule so that it takes effect.
Switch(config-acl-RULE)# destination-ipv4 any
Specify destination IPv4 address as “ANY”.
Switch(config-acl-RULE)# destination-ipv4 address [A.B.C.D] [0-255.X.X.X]
[A.B.C.D]: Specify destination IPv4 address.
[0-255.X.X.X]: Specify destination IPv4 mask.
Switch(config-acl-RULE)# destination-ipv6 any
Specify destination IPv6 address as “ANY”.
Switch(config-acl-RULE)# destination-ipv6 address [A:B:C:D:E:F:G:H] [10~128]
[A:B:C:D:E:F:G:H]: Specify destination IPv6 address.
[10~128]: Specify destination IPv6 prefix-length.
Switch(config-acl-RULE)# destination-l4-port any
Specify destination Layer4 port as “ANY”.
Switch(config-acl-RULE)# destination-l4-port [1-65535] [0xWXYZ]
[1-65535]: Specify destination Layer4 port.
[0xWXYZ]: Specify destination Layer4 mask. (Range: 0x0000~FFFF)
Switch(config-acl-RULE)# destination-mac any
Specify destination MAC as “ANY”.
Switch(config-acl-RULE)# destination-mac mac [xx:xx:xx:xx:xx:xx] [ff:ff:ff:00:00:00]
Specify destination MAC mask.
Switch(config-acl-RULE)# ethertype [any | 0xWXYZ]
Specify Ethertype (Range: 0x0000~FFFF) or “ANY”.
Switch(config-acl-RULE)# ingress-port [any | port-list]
Specify ingress port(s) or “ANY”.
Switch(config-acl-RULE)# protocol [any | 0xWX]
Specify IPv4 protocol and IPv6 next header (Range: 0x00~FF) or “ANY”.
Switch(config-acl-RULE)# rate-limit [0,16-1048560]
Specify the rate limit, from 16 to 1048560 kbps (0: disable).
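
The following is an added example, not part of the original manual: a small Python helper that range-checks the values documented above and emits the command sequence for one rule, so an out-of-range rule ID, port or rate is caught before it is typed into the switch. The function name acl_rule, the order of the commands inside a rule, the 0xffff port mask meaning "exact match" and the sample addresses are assumptions. The copy(mirror) action is left out because this section does not show its exact keyword.

```python
# Added example: range-check and emit the CLI lines for one ACL rule.
# Ranges come from this section; command order and mask semantics are assumptions.
import ipaddress

def acl_rule(rule_id, action, dst_ip=None, dst_mask=None, protocol=None,
             dst_port=None, port_mask=0xFFFF, action_port=None, rate_kbps=None):
    """Return the command lines for one rule; raise ValueError on a bad value."""
    if not 1 <= rule_id <= 192:
        raise ValueError("rule id must be 1-192")
    if action not in ("deny", "permit", "redirect"):
        raise ValueError("action must be deny, permit or redirect")
    lines = [f"acl {rule_id}"]            # typed at Switch(config)#
    if dst_ip is None:                    # the rest is typed at Switch(config-acl-RULE)#
        lines.append("destination-ipv4 any")
    else:
        ipaddress.IPv4Address(dst_ip)     # raises a ValueError subclass if malformed
        ipaddress.IPv4Address(dst_mask)
        lines.append(f"destination-ipv4 address {dst_ip} {dst_mask}")
    if protocol is None:
        lines.append("protocol any")
    elif 0x00 <= protocol <= 0xFF:
        lines.append(f"protocol 0x{protocol:02x}")
    else:
        raise ValueError("protocol must be 0x00-0xFF")
    if dst_port is None:
        lines.append("destination-l4-port any")
    elif 1 <= dst_port <= 65535 and 0x0000 <= port_mask <= 0xFFFF:
        lines.append(f"destination-l4-port {dst_port} 0x{port_mask:04x}")
    else:
        raise ValueError("L4 port must be 1-65535, mask 0x0000-0xFFFF")
    if action == "redirect":              # redirect needs a target port (1~28)
        if action_port is None or not 1 <= action_port <= 28:
            raise ValueError("redirect needs action-port 1-28")
        lines.append(f"action-port {action_port}")
    if rate_kbps is not None:
        if rate_kbps != 0 and not 16 <= rate_kbps <= 1048560:
            raise ValueError("rate-limit must be 0 or 16-1048560 kbps")
        lines.append(f"rate-limit {rate_kbps}")
    lines += [f"action {action}", "apply"]  # without apply the rule does not take effect
    return lines

if __name__ == "__main__":
    # Constructed sample: deny TCP (0x06) to port 22 on the documentation subnet 192.0.2.0/24.
    print("\n".join(acl_rule(10, "deny", "192.0.2.0", "255.255.255.0",
                             protocol=0x06, dst_port=22)))
```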