D-Link DGS-1510 Series Reference Manual page 61
Gigabit ethernet smartpro switch
Hide thumbs
Also See for DGS-1510 Series:
- Web ui reference manual (430 pages) ,
- Getting started manual (65 pages) ,
- Hardware installation manual (64 pages)
Table of Contents
Advertisement
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
specified sequence number will be assigned sequence based new sequence setting of the specified
access list.
When you manually assign the sequence number, it is better to have a reserved interval for future
lower sequence number entries. Otherwise, it will create extra effort to insert an entry with a lower
sequence number.
The sequence number must be unique in the domain of an access-list. If you enter a sequence
number that is already present, an error message will be shown.
Example
This example shows how to create four entries for an IPv6 extended access list named "ipv6-control".
These entries are: permit TCP packets destined to network ff02::0:2/16, permit TCP packets destined
to host ff02::1:2, permit all TCP packets go to port 80 and permit all ICMP packets.
Switch# configure terminal
Switch(config)# ipv6 access-list extended ipv6-control
Switch(config-ipv6-ext-acl)# permit tcp any ff02::0:2/16
Switch(config-ipv6-ext-acl)# permit tcp any host ff02::1:2
Switch(config-ipv6-ext-acl)# permit tcp any any eq 80
Switch(config-ipv6-ext-acl)# permit icmp any any
Switch(config-ipv6-ext-acl)#
This example shows how to create two entries for an IPv6 standard access-list named "ipv6-std-
control". These entries are: permit IP packets destined to network ff02::0:2/16, and permit IP packets
destined to host ff02::1:2.
Switch# configure terminal
Switch(config)# ipv6 access-list ipv6-std-control
Switch(config-ipv6-acl)# permit any ff02::0:2/16
Switch(config-ipv6-acl)# permit any host ff02::1:2
Switch(config-ipv6-acl)#
4-20 permit | deny (mac access-list)
This command is used to define the rule for packets that will be permitted or denied. Use the no form
of this command to remove an entry
[SEQUENCE-NUMBER] {permit | deny} {any | host SRC-MAC-ADDR | SRC-MAC-ADDR SRC-
MAC-WILDCARD} {any | host DST-MAC-ADDR | DST-MAC-ADDR DST-MAC-WILDCARD}
[ethernet-type TYPE MASK [cos VALUE] [vlan VLAN-ID] [time-range PROFILE-NAME]
no SEQUENCE-NUMBER
Parameters
SEQUENCE-NUMBER
any
host SRC-MAC-ADDR
SRC-MAC-ADDR SRC-MAC-
WILDCARD
host DST-MAC-ADDR
DST-MAC-ADDR DST-MAC-
WILDCARD
Specifies the sequence number. The range is from 1 to 65535. The
lower the number is, the higher the priority of the permit/deny rule.
Specifies any source MAC address or any destination MAC
address.
Specifies a specific source host MAC address.
Specifies a group of source MAC addresses by using a wildcard
bitmap. The bit corresponding to the bit value 1 will be ignored. The
bit corresponding to the bit value 0 will be checked.
Specifies a specific destination host MAC address.
Specifies a group of destination MAC addresses by using a wildcard
bitmap. The bit corresponding to the bit value 1 will be ignored. The
58
- Quick Links:
- Basic Cli Commands
Hide quick links:
Advertisement
Table of Contents
