Create Access-List - Extreme Networks ExtremeWare Command Reference Manual
Version 7.7
Hide thumbs
Also See for ExtremeWare:
- Command reference manual (2546 pages) ,
- Command reference manual (2254 pages) ,
- Command reference manual (1598 pages)
Table of Contents
Advertisement
Security Commands
create access-list
create access-list <name> access-mask <access-mask name> {code-point
<code_point>} {dest-mac <dest_mac} {source-mac <src_mac>} {vlan <name>}
{ethertype [IP | ARP | <hex_value>]} {tos <ip_precedence> | {ip-protocol
[tcp | udp | icmp | igmp | <prococol_num>]} {igmp-type [membership-query |
leave-group | v1-membership-report | v2-membership-report |
any]} {ipmc-group <multicast IP address>/<mask length>} {dest-ip
<dest_IP>/<masklength>} {dest-L4port <dest_port>} {source-ip <src_IP>/<mask
length>} {source-L4port <src_port> [permit {qosprofile <qosprofile>} {set
code-point <code_point>} {set dot1p <dot1p_value} | permit-established
|deny]{vlan-pri}{vlan-pri-2bits}
Description
Creates an access list on an "e" series switch.
NOTE
This command is available only on the "e" series switches. To create access lists for "i" series switches,
use the following five commands:
create access-list icmp destination source
create access-list ip destination source ports
create access-list tcp destination source ports
create access-list udp destination source ports
create access-list igmp destination source igmp-type ipmc-group ports
Syntax Description
name
access-mask
code-point
dest-mac
source-mac
vlan
ethertype
tos
ip-protocol
igmp-type
ipmc-group/<mask length> Specifies the IP multicast group and the mask.
dest-ip
dest-L4port
source-ip
source-L4port
set code-point
set dot1p
permit-established
958
Specifies the name of the access list.
Specifies the name of the associated access mask.
Specifies a 6-bit DiffServ code point. Valid entries are from 0 to 63.
Specifies the destination MAC address.
Specifies the source MAC address.
Specifies the VLANid.
Specifies the Ethernet type field, either IP or ARP.
Specifies a 3-bit precedence field within the IP ToS field. Valid entries are from 0 to 7.
Specifies the IP protocol by name (UDP, ICMP, OR IGMP) or by protocol-number.
Specifies the IGMP type. The IGMP type can be membership-query, leave-group, or
v1-membership-report length; or a number between 0 and 255.
Specifies the destination IP address.
Specifies the destination TCP/UDP port.
Specifies the source IP address.
Specifies the source TCP/UDP port.
Specifies a 6-bit DiffServ code point. Valid entries are from 0 to 63.
Specifies the priorities for 802.1p.
Specifies to deny any new TCP session initiation.
<number> |
ExtremeWare 7.7 Command Reference Guide
Advertisement
Table of Contents
