Service-Acl - Dell PowerConnect 6024F Command Line Interface Reference Manual
Command
line interface (cli) guide (.htm)
Hide thumbs
Also See for PowerConnect 6024F:
- User manual (474 pages) ,
- Getting started manual (66 pages) ,
- Getting started manual (154 pages)
Table of Contents
Advertisement
User Guidelines
When an access control entry (ACE) is added to an access control list, an implied deny-any-
any condition exists at the end of the list. If there are no matches, the packets are denied.
However, before the first ACE is added, the list permits all packets.
If vlan id is used as a classifier element then it cannot connect a policy map to a VLAN
interface.
Example
The following example configures a MAC ACE to deny traffic from MAC address 6:6:6:6:6:6.
Console (config)# mac access-list dell
Console (config-mac-al)# deny 06:06:06:06:06:06 00:00:FF:FF:FF:FF
any
service-acl
The service-acl interface configuration command applies an access-list to the interface input. To
detach an access-list from an interface use the no form of this command.
Syntax
service-acl {input acl-name}
no service-acl {input}
•
input acl-name—Apply the specified ACL to the input interface.
Default Configuration
This command has no default configuration.
Command Mode
Interface Configuration mode
User Guidelines
Whenever an ACL is assigned to an interface (port, LAG or VLAN), flows (from that ingress
interface) that do not match the ACL are matched to the default rule: "drop unmatched
packets". If an ACL X is bound to a port and the port becomes a member of the VLAN to
which a different ACL Y is bound, then the ACL Y bound to the VLAN overrides the ACL X
bound to the port.
Example
The following example attaches the ACL "dell" to the interface input.
Console (config-if)# service-acl input dell
83
ACL Commands
Advertisement
Table of Contents
