Dell PowerConnect B-RX Configuration Manual page 598

Bigiron rx series supporting multi-service ironware v02.7.03

Hide thumbs Also See for PowerConnect B-RX:

Configuration manual (1458 pages)

Getting started manual (32 pages)

Installation manual (240 pages)

Table of Contents

Configuring numbered and named ACLs

Syntax: [no] access-list <num> deny | permit host <ip-protocol> any any [log]

Syntax: [no] ip access-group <num> in

The 16 x 10 GE module only supports the following extended ACLs.

Syntax: [no] ip access-list <num> deny | permit <ip-protocol>

General parameters for extended ACLs

The following parameters apply to any extended ACL you are creating.

deny | permit

src-mac <src-mac> <mask>

[<operator> <destination-tcp/udp-port>]

[match-all <tcp-flags>] [match-any <tcp-flags>]

[<icmp-type>] [established] [precedence <name> | <num>]

[tos <number>] [dscp-matching <number>]

[802.1p-priority-matching <number>]

[dscp-marking <number> 802.1p-priority-marking <number> internal-priority-marking

<number>] | [dscp-marking <number> dscp-cos-mapping] | [dscp-cos-mapping]

[fragment] [non-fragment] [first-fragment]

[fragment-offset <number>]

[spi <00000000 - ffffffff>] [log]

<source-ip> | <hostname> <wildcard>

[<operator> <source-tcp/udp-port>]

<destination-ip> | <hostname> <wildcard>

[<operator> <destination-tcp/udp-port>]

[match-all <tcp-flags>] [match-any <tcp-flags>]

[<icmp-type>] [established] [precedence <name> | <num>]

Enter 100 – 199 for a super ACL.

Enter deny if the packets that match the policy are to be dropped; permit if they are

to be forwarded.

Add this parameter to the end of an ACL statement to enable the generation of

SNMP traps and Syslog messages for packets denied by the ACL.You can enable

logging on ACLs and filters that support logging even when the ACLs and filters are

already in use. To do so, re-enter the ACL or filter command and add the log

parameter to the end of the ACL or filter. The software replaces the ACL or filter

command with the new one. The new ACL or filter, with logging enabled, takes

effect immediately.

NOTE: Logging must be enable on the interface to which the ACL is bound before

SNMP traps and Syslog messages can be generated, even if the log

parameter is entered. Refer to

Specify the source MAC host for the policy. If you want the policy to match on all

source addresses, enter any.

"ACL logging"

on page 547.

BigIron RX Series Configuration Guide

53-1001986-01

Chapters

Table of Contents

Bigiron rx series

Dell PowerConnect B-RX Configuration Manual page 598

Chapters

Related Manuals for Dell PowerConnect B-RX

Related Products for Dell PowerConnect B-RX

This manual is also suitable for:

Table of Contents