Extreme Networks EAS 100-24t Switch CLI Manual
227
CHAPTER
8
Access Control List (ACL)
Access Control List (ACL) Commands
The switch implements Access Control Lists that enable the it to deny network access to specific devices
or device groups based on IP settings and MAC address.
The Access Control commands in the CLI are listed (along with the appropriate parameters) in the
following table.
Command Parameters
create access_profile [ethernet{vlan {<hex 0x0-0x0fff>} | source_mac <macmask> | destination_mac
<macmask> | 802.1p | ethernet_type} | ip {vlan {<hex 0x0-0x0fff>} |
source_ip_mask <netmask> | destination_ip_mask <netmask> | dscp | [icmp {
type | code} | igmp { type } | tcp {src_port_mask <hex 0x0-0xffff> |
dst_port_mask <hex 0x0-0xffff> | flag_mask [ all | {urg | ack | psh | rst | syn |
fin}] } | udp {src_port_mask <hex 0x0-0xffff> | dst_port_mask <hex 0x0-0xffff>}
| protocol_id_mask <hex 0x0-0xff>]} | ipv6 {class | flowlabel |
source_ipv6_mask <ipv6mask > | [tcp {src_port_mask <hex 0x0-0xffff> |
dst_port_mask <hex 0x0-0xffff>} | udp {src_port_mask <hex 0x0-0xffff> |
dst_port_mask <hex 0x0-0xffff>}]} | packet_content_mask{offset1 <value 2-
126> <hex 0x0-0xffffffff> | offset2 <value 2-126> <hex 0x0-0xffffffff> | offset3
<value 2-126> <hex 0x0-0xffffffff> | offset4 <value 2-126> <hex 0x0-0xffffffff> |
} ] profile_id <value 1-256>
delete access_profile [profile_id <value 1-256> | all]
To Next Page
Loading...
