Access Control Lists (ACLs) for the Series 5300xl Switches
Terminology
Action Command Page
Deleting an ACL from HPswitch(config)# no ip access-list
the Switch
< standard | extended >
< name-str | 1-99 | 100 -199 >
< in | out >
Displaying ACL Data HPswitch(config)# show access-list
HPswitch(config)# show access-list config
HPswitch(config)# show access-list vlan < vid >
HPswitch(config)# show config
HPswitch(config)# show running
9-4
7
9-4
8
Terminology
Access Control Entry (ACE): An ACE is a policy consisting of criteria and
an action to take (permit or deny) on a packet if it meets the criteria. The
elements composing the criteria include:
• Source IP address and mask (standard and extended ACLs)
• Destination IP address and mask (extended ACLs only)
• TCP or UDP application port numbers (optional, extended ACLs only)
Access Control List (ACL): A list (or set) consisting of one or more
explicitly configured Access Control Entries (ACEs) and terminating with
an implicit “deny” default which drops any packets that do not have a
match with any explicit ACE in the named ACL. The two classes of ACLs
are “standard” and “extended”. See “Standard ACL” and “Extended ACL”.
ACE: See “Access Control Entry”.
ACL: See “Access Control List”.
ACL ID: A number or alphanumeric string used to identify an ACL. A standard
ACL ID can have either a number from 1 to 99 or an alphanumeric string.
An extended ACL ID can have either a number from 100 to 199 or an
alphanumeric string.
9-5
To Next Page
Loading...
