HP ProCurve 5300xl Series Management Manual page 454

Access Control Lists (ACLs) for the Series 3400cl and Series 6400cl Switches
Configuring and Assigning an ACL
10-44
Syntax: [no] access-list
Creates an ACE in the specified (1-99) access list and
indicates the action (deny or permit) to take on a packet if
there is a match between the packet and the criterion in the
entry. If the ACL does not already exist, this command
creates the specified ACL and its first ACE. To create a
named ACL, refer to "Configuring a Named ACL" on page
10-54
< 1-99 >
Specifies the ACL ID number. The switch interprets an ACL
with a value in this range as a standard ACL.
Note: To create an access list with an alphanumeric name
(name-str) instead of a number, refer to "Configuring a
Named ACL" on page 10-54.
< deny | permit >
Specifies whether to deny (drop) or permit (forward) a
packet that matches the ACE criteria.
< any | host < src-ip-addr > | ip-addr / mask-length >
any
• —
this criterion to designate packets from any IP address
host
•
any IP packet having the < host ip-address > as the source.
Use this criterion to designate packets from a single IP
address.
• IP-addr / mask-length — Performs the specified action on
any IP packet having a source address within the range
defined by either
< src-ip-addr / cidr-mask-bits >
or
< src-ip-addr < mask >>
Use this criterion to filter packets received from either a
subnet or a group of contiguous IP addresses. The mask
can be in either dotted-decimal format or CIDR format
with the number of significant bits. Refer to "Using CIDR
Notation To Enter the ACL Mask" on page 10-42.
Performs the specified action on any IP packet. Use
host ip-address
< > — Performs the specified action on
.