To Next Page

To Previous Page

9-55

IPv4 Access Control Lists (ACLs)

Configuring Extended ACLs

Table 9-7. Command Summary for Extended ACLs

Action Command(s) Page

Create an Extended,

Named ACL

Add an ACE to the End

of an Existing,

Extended ACL

ProCurve(config)# ip access-list extended < name-str | 100-199 >

ProCurve(config-std-nacl)# < deny | permit >

< ip | ip-protocol | ip-protocol-nbr >

< any | host <SA > | SA/< mask-length > | SA < mask >>

< any | host < DA > | DA/< mask-length > | DA < mask >>

[ tcp | udp ]

< any | host <SA > | SA/< mask-length > | SA < mask >>

[comparison-operator < value >] ]

< any | host <DA > | DA/< mask-length > | DA < mask >>

[comparison-operator < value >]

[established]

< igmp >

< any | host <SA > | SA/< mask-length > | SA < mask >>

< any | host < DA > | DA/< mask-length > | DA < mask >>

[ igmp-packet-type ]

< icmp >

< any | host <SA > | SA/< mask-length > | SA < mask >>

< any | host < DA > | DA/< mask-length > | DA < mask >>

[ [< 0 - 255 > [ 0 - 255 ] ] | icmp-message ]

[precedence < priority >]

[tos < tos- setting >]

[log]

Create an Extended,

ProCurve(config)# access-list < 100-199 > < deny | permit >

Numbered ACL

< ip-options |tcp/udp-options |igmp-options |icmp-options >

[log]

Add an ACE to the End

[precedence < priority >]

of an Existing,

[tos < tos- setting >]

Numbered ACL

Note: Uses the same IP, TCP/UDP, IGMP, and ICMP options as shown above for

“Create an Extended, Named ACL”.

Insert an ACE by

ProCurve(config)# ip access-list extended < name-str | 100-199 >

Assigning a Sequence

ProCurve(config-ext-nacl)# 1-2147483647 < deny | permit >

Number

Uses the options shown above for “Create an Extended, Named ACL”.

Use Sequence Num- ProCurve(config)# ip access-list extended < name-str | 100-199 >

ber To Delete an ACE ProCurve(config-std-nacl)# no < 1-2147483647 >

Resequence the ACEs ProCurve(config)# ip access-list resequence < name-str | 100-199 >

in an ACL < 1-2147483647 > < 1-2147483646 >

The mask can be in either dotted-decimal notation (such as 0.0.15.255) or CIDR notation (such as /20).

The [ log ] function applies only to “deny” ACLs, and generates a message only when there is a “deny” match.

Table continues on the next page.

9-53

9-65

9-77

9-79

9-80

Other manuals for HP PROCURVE 2910AL

Configuration Guide194 pages

Questions and Answers:

Need help?

Do you have a question about the HP PROCURVE 2910AL and is the answer not in the manual?

HP PROCURVE 2910AL Specifications

General

Model	HP ProCurve 2910al
Switching Capacity	128 Gbps
Throughput	95.2 Mpps
Management	Web, CLI, SNMP
Jumbo Frame Support	Yes
Manageable	Yes
Power	100-240 VAC
Power Supply	Internal
Operating Temperature	0°C to 45°C (32°F to 113°F)
Stacking	Yes
MAC Address Table Size	32000 entries
Routing Protocol	RIP, OSPF
Features	IPv6, VLAN, QoS, ACLs
Operating Humidity	15% to 95% non-condensing
Uplink Ports	4
Power over Ethernet	Yes (PoE+ models available)