Table of Contents
Advertisement
5
Global Configuration commands
access-list
[<100-199>|<2000-269
9>] [permit|deny]
[icmp|ip|tcp|udp]
[<IP/MASK>|any|
host <IP>]
{[rule-precedence
<1-5000> {log}|log]}
access-list
[<100-199>|<2000-269
9>] mask [8021p
<0-7>|dscp <0-63>|tos
<0-255>]
[icmp|ip|tcp|udp]
[<IP/MASK>|any|
host <IP>]
{[rule-precedence
<1-5000> {log}|log]}
Use an access list command under the global configuration to create an access list. The controller
supports port, router and WLAN ACLs
224
Adds an Extended IP access list entry.
•
(<100-199>|<2000-2699>) – For ICMP extended ACLs, the
ACL must be between 2000-2699
•
[deny|permit] – Defines action types on an ACL
•
[icmp|ip|tcp|udp] – The protocol type for the extended
ACL entry
•
[<IP/MASK>| host <IP>| any] – <IP/MASK> is the
source address of the network or host in dotted
decimal format. For example, 10.1.1.10/24
indicates the first 24 bits of the source IP are used
for matching
•
The keyword any is an abbreviation for a source IP of
0.0.0.0 and source-mask bits equal to 0
•
The keyword host is an abbreviation for exact source
(A.B.C.D) and source-mask bits equal to 32
•
log – Generates log messages when the packet
coming from the interface matches the ACL entry.
Log messages are generated only for router ACL's.
This is an optional parameter
•
rule-precedence <1-5000> – Define an Integer value
between 1-5000. This value sets the rule precedence
in the ACL. This is an optional parameter
Adds an Extended IP access list entry.
•
(<100-199>|<2000-2699>) – For ICMP extended ACLs, the
ACL must be between 2000-2699
•
mark – Marks a packet. The action type
functional only over a Port ACL
•
8021p <0-7> – Used only with the action type
to specify 8021p priority values
•
dscp <0-63> – Used only with the action type
to specify DSCP values
•
tos <0-255> – Used only with the action type
to specify type of service (tos) values
•
[icmp|ip|tcp|udp] – The protocol type for the
extended ACL entry
•
[<IP/MASK>| host <IP>| any] – <IP/MASK> is the
source address of the network or host in dotted
decimal format. For example, 10.1.1.10/24
indicates the first 24 bits of the source IP are used
for matching
•
The keyword any is an abbreviation for a source IP of
0.0.0.0 and source-mask bits equal to 0
•
The keyword host is an abbreviation for exact source
(A.B.C.D) and source-mask bits equal to 32
•
log – Generates log messages when the packet
coming from the interface matches the ACL entry.
Log messages are generated only for router ACL's.
This is an optional parameter
•
rule-precedence <1-5000> – Define an Integer value
between 1-5000. This value sets the rule precedence
in the ACL. This is an optional parameter
Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide
is
mark
mark
mark
mark
53-1001931-01
- Quick Links:
- Common Commands
- Show
Hide quick links:
Advertisement
Table of Contents
