Access Control Lists (ACL) | 99
Command
History
Usage
Information
The order option is relevant in the context of the Policy QoS feature only. For more information, refer
to the Quality of Service (QoS) chapter of the FTOS Configuration Guide.
In the MXL Switch, you can configure either count (packets) or count (bytes). However, for an ACL
with multiple rules, you can configure some ACLs with count (packets) and others as count (bytes) at
any given time.
Related
Commands
ip access-list standard
Create a standard IP access list (IP ACL) to filter based on IP address.
Syntax
ip access-list standard access-list-name
Parameters
Defaults
All IP access lists contain an implicit deny any, that is, if no match occurs, the packet is dropped.
Command Modes
CONFIGURATION
Command
History
Usage
Information
FTOS supports one ingress and one egress IP ACL per interface.
The number of entries allowed per ACL is hardware-dependent. For detailed specification on entries
allowed per ACL, refer to your switch documentation.
Example
Figure 6-4. ip access-list standard Command Example
Related
Commands
permit
Configure a filter to permit packets from a specific source IP address to leave the switch.
Syntax
permit {source [mask] | any | host ip-address} [count [byte]] [dscp value] [order]
To remove this filter, you have two choices:
• Use the no seq sequence-number command if you know the filter’s sequence number.
Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module
ip access-list standard Configures a standard ACL.
permit Configures a permit filter.
access-list-name
Enter a string up to 140 characters long as the ACL name.
Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module
FTOS(conf)#ip access-list standard TestList
FTOS(conf-std-nacl)#
ip access-list extended Creates an extended access list.
resequence access-list Displays the current configuration.
To Next Page
Loading...
