Example 45 Listing an IPv4 extended ACL
HP Switch(config)# show access-list List-120
Access Control Lists
Name: List-120
Type: Extended
Applied: No
1
SEQ Entry
----------------------------------------------------------
10 Action: permit
2
Remark: Telnet Allowed
3
Src IP: 10.30.133.27 Mask: 0.0.0.0 Port(s): eq
23
4
Dst IP: 0.0.0.0 Mask: 255.255.255.255 Port(s):
5
6
Proto : TCP (Established)
7
TOS : - Precedence: routine
20 Action: deny (log)
Src IP: 10.30.133.1 Mask: 0.0.0.255 Port(s):
Dst IP: 0.0.0.0 Mask: 255.255.255.255 Port(s):
Proto : IP
TOS : - Precedence: -
30 Action: permit
Src IP: 0.0.0.0 Mask: 255.255.255.255 Port(s):
Dst IP: 0.0.0.0 Mask: 255.255.255.255 Port(s):
1
Indicates whether the ACL is applied to an interface
2
Remark Field (Appears if remark configured)
3
Source Address
4
TCP Source Port
6
Protocol Data
7
DSCP Codepoint and Precedence Data
5
Empty field indicates that the destination TCP port can be any value
The show access-list <identifier> config command in Example 46 “An ACL listed
with the config option” shows the same ACL data as show access-list <identifier>
but in the format used by the show <run|config> commands.
Example 46 An ACL listed with the config option
Port-1(config)# show access-list List-120 config
ip access-list extended "List-120"
10 remark "Telnet Allowed"
10 permit tcp 10.30.133.27 0.0.0.0 eq 23 0.0.0.0 255.255.255.255
precedence 0 established
20 deny ip 10.30.133.1 0.0.0.255 0.0.0.0 255.255.255.255 log
30 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
exit
Table 17 Data types included in show access-list <acl-id> output
DescriptionField
Permit (forward) or deny (drop) a packet when it is compared to the criteria in the applicable
ACE and matches. Includes the optional log option, if used, in deny actions.
Action
Yes means the ACL has been applied to an interface.
No means the ACL exists in the switch configuration, but has not been applied to any interface
and is therefore not in use.
Applied
Displaying ACL configuration data 101
To Next Page
Loading...
