HP ProCurve 5300xl Series Management Manual page 380
Advanced traffic
Hide thumbs
Also See for ProCurve 5300xl Series:
- Access security manual (292 pages) ,
- Specification sheet (12 pages) ,
- Management and configuration manual (508 pages)
Table of Contents
Advertisement
Access Control Lists (ACLs) for the Series 5300xl Switches
Configuring and Assigning an ACL
9-34
Syntax: [no] access-list
Creates an ACE in the specified (1-99) access list and
indicates the action (deny or permit) to take on a packet if
there is a match between the packet and the criterion in the
entry. If the ACL does not already exist, this command
creates the specified ACL and its first ACE. To create a
named ACL, refer to "Configuring a Named ACL" on page
9-44.
< 1-99 >
Specifies the ACL ID number. The switch interprets an ACL
with a value in this range as a standard ACL.
Note: To create an access list with an alphanumeric name
(name-str) instead of a number, refer to "Configuring a
Named ACL" on page 9-44.
< deny | permit >
Specifies whether to deny (drop) or permit (forward) a
packet that matches the ACE criteria.
< any | host < src-ip-addr > | ip-addr / mask-length >
any
•
—
this criterion to designate packets from any IP address
host
•
any IP packet having the < host ip-address > as the source.
Use this criterion to designate packets from a single IP
address.
• IP-addr / mask-length — Performs the specified action on
any IP packet having a source address within the range
defined by either
< src-ip-addr / cidr-mask-bits >
or
< src-ip-addr < mask >>
Use this criterion to filter packets received from either a
subnet or a group of IP addresses. The mask can be in
either dotted-decimal format or CIDR format with the
number of significant bits. Refer to "Using CIDR
Notation To Enter the ACL Mask" on page 9-32.
Performs the specified action on any IP packet. Use
host ip-address
Performs the specified action on
<
> —
.
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
