Cisco MDS 9000 series Command Reference Manual page 600

ip access-list
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
The following example removes the IP-ACL called aclPermit.
switch(config-if)# no ip access-group aclPermit
The following example updates aclPermit to deny TCP traffic from any source address to any destination
address.
switch# config terminal
Enter configuration commands, one per line.
switch(config)# ip access-list aclPermit deny tcp any any
The following example defines an IP-ACL that permits this network. Subtracting 255.255.248.0 (normal
mask) from 255.255.255.255 yields 0.0.7.255.
switch# config terminal
Enter configuration commands, one per line.
switch(config)# ip access-list aclPermitUdp permit udp 192.168.32.0 0.0.7.255 any
The following example permits all IP traffic from and to the specified networks.
switch# config terminal
Enter configuration commands, one per line.
switch(config)# ip access-list aclPermitIpToServer permit ip 10.1.1.0 0.0.0.255
172.16.1.0 0.0.0.255
The following example denies TCP traffic from 1.2.3.0 through source port 5 to any destination.
switch# config terminal
Enter configuration commands, one per line.
switch(config)# ip access-list aclDenyTcpIpPrt5 deny tcp 1.2.3.0 0.0.0.255 eq port 5 any
The following example removes this entry from the IP-ACL.
switch# config terminal
Enter configuration commands, one per line.
switch(config)# no ip access-list aclDenyTcpIpPrt5 deny tcp 1.2.3.0 0.0.0.255 eq port 5
any
Related Commands Command
show ip access-list
Cisco MDS 9000 Family Command Reference
11-42
Description
Displays the IP-ACL configuration information.
End with CNTL/Z.
End with CNTL/Z.
End with CNTL/Z.
End with CNTL/
End with CNTL/
OL-8413-07, Cisco MDS SAN-OS Release 3.x
Chapter 11 I Commands