Table of Contents
Advertisement
IP
4 H
A
C
V
ARDWARE
CCESS
ONTROL
-
(
ACCESS
LIST
NUMBERED HARDWARE
access-list (numbered hardware ACL for IP
packets)
Overview
This command creates an access-list for use with hardware classification. The
access-list will match on packets that have the specified source and destination IP
addresses. You can use the value any instead of source or destination address if an
address does not matter.
Once you have configured the ACL, you can use the
access-group
The optional vlan parameter can be used to match tagged (802.1q) packets.
The no variant of this command removes the previously specified IP hardware
access-list.
access-list <3000-3699> <action> ip <source-ip> <dest-ip> [vlan
Syntax
<1-4094>]
no access-list <3000-3699>
Table 24-2: IP and ICMP parameters in access-list (hardware IP numbered)
613-50157-01 Rev C
L
(ACL) C
IST
OMMANDS
ACL
IP
)
FOR
PACKETS
command to apply this ACL to a port or QoS class-map.
Parameter
Description
<3000-3699>
An ID number for this hardware IP access-list.
<action>
The action that the switch will take on matching packets:
deny
permit
send-to-cpu
ip
Match against IP packets
<source-ip>
The source addresses to match against. You can specify a single
host, a subnet, or all source addresses. The following are the valid
formats for specifying the source:
any
host <ip-addr>
<ip-addr>/<prefix>
Command Reference for FS980M Series
AlliedWare Plus™ Operating System - Version 5.4.7-0.x
access-group
or the
Reject packets that match the
source and destination filtering
specified with this command.
Permit packets that match the
source and destination filtering
specified with this command.
Send matching packets to the CPU.
Match any source IP address.
Match a single source host with the
IP address given by <ip-addr> in
dotted decimal notation.
Match any source IP address within
the specified subnet. Specify the
subnet by entering the IPv4 address,
then a forward slash, then the prefix
length.
match
765
Hide quick links:
Advertisement
Table of Contents
