EasyManua.ls Logo

Edge-Core ES3528-WDM - Chapter 23: Access Control List Commands; IP Acls; Table 23-1 Access Control List Commands; Table 23-2 IP ACL Commands

Edge-Core ES3528-WDM
556 pages
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
23-1
Chapter 23: Access Control List Commands
Access Control Lists (ACL) provide packet filtering for IP frames (based on address,
protocol, Layer 4 protocol port number or TCP control code), or any frames (based
on MAC address or Ethernet type). To filter packets, first create an access list, add
the required rules, specify a mask to modify the precedence in which the rules are
checked, and then bind the list to a specific port. This section describes the Access
Control List commands.
IP ACLs
The commands in this section configure ACLs based on IP addresses, TCP/UDP
port number, protocol type, and TCP control code. To configure IP ACLs, first create
an access list containing the required permit or deny rules, set a precedence mask
to control the filter sequence, and then bind the access list to one or more ports
Table 23-1 Access Control List Commands
Command Groups Function Page
IP ACLs Configures ACLs based on IP addresses, TCP/UDP port number,
protocol type, and TCP control code
23-1
MAC ACLs Configures ACLs based on hardware addresses, packet format, and
Ethernet type
23-12
ACL Information Displays ACLs and associated rules; shows ACLs assigned to each port 23-19
Table 23-2 IP ACL Commands
Command Function Mode Page
access-list ip Creates an IP ACL and enters configuration mode for
standard or extended IP ACLs
GC 23-2
permit, deny Filters packets matching a specified source IP address IP-
STD-ACL
23-2
permit, deny Filters packets meeting the specified criteria, including
source and destination IP address, TCP/UDP port number,
protocol type, and TCP control code
IP-
EXT-ACL
23-3
show ip access-list Displays the rules for configured IP ACLs PE 23-5
access-list ip
mask-precedence
Changes to the IP Mask mode used to configure access
control masks
GC 23-6
mask Sets a precedence mask for the ACL rules IP-Mask 23-6
show access-list ip
mask-precedence
Shows the ingress or egress rule masks for IP ACLs PE 23-10
ip access-group Adds a port to an IP ACL IC 23-11
show ip access-group Shows port assignments for IP ACLs PE 23-11

Table of Contents

Related product manuals