Create Access-List Ip Destination Source Ports - Extreme Networks ExtremeWare Command Reference Manual
Version 7.7
Hide thumbs
Also See for ExtremeWare:
- Command reference manual (2546 pages) ,
- Command reference manual (2254 pages) ,
- Command reference manual (1598 pages)
Table of Contents
Advertisement
Security Commands
create access-list ip destination source ports
create access-list <name> ip destination [<dest_ipaddress>/<mask> | any]
source [<src_ipaddress>/<src_mask> | any] [permit {<qosprofile>} | deny]
ports [<portlist> | any] {precedence <prec_number>}
Description
Creates a named IP access list that applies to all IP traffic.
NOTE
This command is available only on the "i" series switches. To create an access list for an "e" series
switch, use the
create access-list
Syntax Description
name
dest_ipaddress/mask
src_ipaddress/src_mask
permit
qosprofile
deny
portlist
prec_number
Default
N/A
Usage Guidelines
The access list is applied to all ingress packets.
Examples
The following example defines an access list entry allow102 with precedence 40 that permits all traffic
on any ingress ports to the 10.2.x.x subnet, and assigns QoS profile Qp3 to those packets:
create access-list allow102 ip dest 10.2.0.0/16 source 0.0.0.0/0 permit qosprofile qp3
ports any precedence 40
The following command defines a default entry that is used to specify an explicit deny:
964
command.
Specifies the access list name. The access list name can be between 1 and
31 characters.
Specifies an IP destination address and subnet mask. A mask length of 32 indicates
a host entry.
any specifies that any address will match.
Specifies a source IP address and subnet mask.
any specifies that any address will match.
Specifies that packets that match the access list description are permitted to be
forward by this switch.
Specifies an optional QoS profile can be assigned to the access list, so that the
switch can prioritize packets accordingly.
Specifies that packets that match the access list description are filtered (dropped) by
the switch.
Specifies the ingress port(s) on which this rule is applied.
any specifies that the rule will be applied to all ports.
Specifies the access list precedence number. The range is 1 to 25,600.
ExtremeWare 7.7 Command Reference Guide
Advertisement
Table of Contents
