Layer 3 Access Control List (Acls) - HP procurve 8100fl series Management And Configuration Manual


ProCurve(config)#access-list PermitTCP permit tcp 192.168.1.4 0.0.0.0 10.203.10.1 0.0.0.0
ProCurve(config)#access-list 102 permit ip 10.121.96.0/24 any
ProCurve(config)#access-list 102 deny ip 141.77.132.0/24 any
ProCurve(config)#access-list 102 deny tcp any any

Layer 3 Access Control List (ACLs)

An ACL consists of a protocol type and one or more rules that tell the switch
to either permit or deny packets or routes that match the criteria on
which each rule is based. In this release, the Layer 3 ACL rules describe
particular types of IP packets. ACLs can be simple, consisting of only one rule,
or they can be complicated, containing a number of rules for assessing
packets.
ACLs can be created and configured using the access-list command from the
Configuration mode of the CLI. The basic elements of a standard ACL are as
follows:
ProCurve(config)#access-list <n> <deny | permit> <protocol | source> <destination>
where
<n> is the ACL ID or name
<deny | permit> represents the choices for action to be taken on a match
<protocol | source ip> is the protocol or source address
<destination> is the destination address
For example, the following ACL (PermitTCP) consists of a single access-list
command that permits all IP packets from host 192.168.1.4 to go to host
10.203.101.1.
The following example is a more sophisticated ACL, consisting of three rules,
that can be applied to inbound packets:
In the previous example, each rule is added to the ACL using separate entries
of the access-list command, referencing the same ACL ID of 102.
ACL rules are defined as either permit or deny. All ACL rules must either permit
a packet or route or deny it. No other actions are permitted.
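
The rules shown on this page, parsed and evaluated against constructed packets, as an added example that is not part of the manual or of ProCurve software. It handles only the rule form used in the page's examples (protocol, source, destination, with addresses given as "any", CIDR, or address plus wildcard mask). Assumptions not stated on this page: rules are checked in the order entered with the first match deciding, and a packet matching no rule is denied.

```python
import ipaddress

# ACL lines as printed on this page (the wrapped PermitTCP command joined).
ACL_LINES = [
    "access-list PermitTCP permit tcp 192.168.1.4 0.0.0.0 10.203.10.1 0.0.0.0",
    "access-list 102 permit ip 10.121.96.0/24 any",
    "access-list 102 deny ip 141.77.132.0/24 any",
    "access-list 102 deny tcp any any",
]

def _take_addr(tokens):
    """Consume one address spec: 'any', 'a.b.c.d/len', or 'a.b.c.d wildcard'."""
    first = tokens.pop(0)
    if first == "any":
        return (0, 0)                      # (value, care-bits): no bit has to match
    if "/" in first:
        net = ipaddress.ip_network(first, strict=False)
        return (int(net.network_address), int(net.netmask))
    wildcard = int(ipaddress.ip_address(tokens.pop(0)))
    care = ~wildcard & 0xFFFFFFFF          # wildcard 0-bits are the bits that must match
    return (int(ipaddress.ip_address(first)) & care, care)

def parse(lines):
    """Group rules by ACL ID or name, preserving the order they were entered."""
    acls = {}
    for line in lines:
        tokens = line.split()
        if tokens[0] != "access-list" or tokens[2] not in ("permit", "deny"):
            raise ValueError(f"not an access-list rule: {line!r}")
        acl_id, action, proto = tokens[1], tokens[2], tokens[3]
        rest = tokens[4:]
        src = _take_addr(rest)
        dst = _take_addr(rest)
        acls.setdefault(acl_id, []).append((action, proto, src, dst))
    return acls

def evaluate(rules, proto, src_ip, dst_ip):
    """Action of the first matching rule (assumed first-match-wins);
    'deny' when nothing matches (assumed implicit deny, not stated on the page)."""
    s = int(ipaddress.ip_address(src_ip))
    d = int(ipaddress.ip_address(dst_ip))
    for action, rule_proto, (sv, sc), (dv, dc) in rules:
        # 'ip' covers every IP protocol; otherwise the protocol must be equal.
        if rule_proto in ("ip", proto) and (s & sc) == sv and (d & dc) == dv:
            return action
    return "deny"
```

Under these assumptions, TCP from 10.121.96.0/24 is permitted by ACL 102 because the permit rule is entered before the "deny tcp any any" rule; reversing that order would deny it.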