Command Line Interface
6911553-KDU 137 365 Uen D 2006-06-16
IP ACLs
The commands in this section configure ACLs based on IP addresses, TCP/
UDP port number, protocol type, and TCP control code. To configure IP ACLs,
first create an access list containing the required permit or deny rules, set a
precedence mask to control the filter sequence, and then bind the access list to
one or more ports
Table 68 IP ACL Commands
Command Function Mode Page
access-list ip Creates an IP ACL and enters configuration mode
for standard or extended IP ACLs
GC 692
permit, deny Filters packets matching a specified source IP
address
STD-
ACL
693
permit, deny Filters packets meeting the specified criteria,
including source and destination IP address, TCP/
UDP port number, protocol type, and TCP control
code
EXT-
ACL
694
show ip access-
list
Displays the rules for configured IP ACLs PE 697
access-list ip
mask-precedence
Changes to the mode for configuring access
control masks
GC 698
mask Sets a precedence mask for the ACL rules IP-
Mask
699
show access-list
ip mask-
precedence
Shows the ingress or egress rule masks for IP
ACLs
PE 705
ip access-group Adds a port to an IP ACL IC 705
show ip access-
group
Shows port assignments for IP ACLs PE 705
To Next Page
Loading...
