Supermicro SSE-F3548S/SSE-F3548SR Configuration User’s Guide
matched. Users can specify any DSCP
value from 0 to 63. This DSCP
configuration is optional.
The priority keyword lets users assign a
priority for this ACL rule.
This priority is an optional parameter. It
can be any value from 1 to 255. The
default value is 1.
A Redirect ACL rule needs additional
<interface-type><interface-
id>parameters to definethe port to
which the packets matching this ACL
rule need to be redirected.
Displays the configured ACL rule
Optional step – Saves this ACL
configuration to be part of startup
The examples below show various ways to create IP Extended ACLs for TCP traffic.
Create a deny IP Extended ACL with ACL number 100 to deny all traffic toUDP port 1350.
SMIS# configure terminal
SMIS(config)# ip access-list extended 100
SMIS(config-ext-nacl)# deny udp any anyeq 1350
Create a deny IP Extended ACL with ACL name acl_cw3 to deny all UDP traffic on 172.20.0.0 network.
SMIS# configure terminal
SMIS(config)# ip access-list extended acl_cw3
SMIS(config-ext-nacl)# deny udp any 172.20.0.0 255.255.0.0
Create a redirect IP Extended ACL to redirect all packets from subnet 172.20.20.X going to IP
172.20.0.1with destination UDP ports equal to 1000 to interface fx 0/10.
SMIS# configure terminal
SMIS(config)# ip access-list extended 500
SMIS(config-ext-nacl)# redirect fx 0/10 udp 172.20.20.0 255.255.255.0 host 172.20.0.1 eq 1000
8.3.13 Creating IP Extended ACLs for ICMP Traffic
Follow the steps below to create an IP Extended ACL for TCP traffic.
To Next Page
Loading...
