Table of Contents
Advertisement
C H A P T E R 1 4
Table 68: Access List Configuration Commands (continued)
Command
create access-list icmp destination
[<dest_ipaddress>/<mask> | any] source
[<src_ipaddress>/<source_mask> | any] type
<icmp_type> code <icmp_code> [permit |
deny] {<portlist>}
delete access-list <name>
disable access-list <name> counter
enable access-list <name> counter
show access-list {<name> | ports <portlist>} Displays access-list information.
show access-list-fdb
Access Policies
Description
Creates a named IP access list. The access list is
applied to all ingress packets. Options include:
•
•
•
•
•
•
•
•
Deletes an access list.
Disables the collection of access-list statistics.
Enables the collection of access-list statistics.
The default setting is enabled.
Displays the hardware access control list
mapping.
— Specifies the access list name.
<name>
The access list name can be between 1 and 16
characters.
— Specifies an ICMP access list.
icmp
— Specifies an IP destination
destination
address and subnet mask. A mask length of
32 indicates a host entry.
— Specifies an IP source address and
source
subnet mask.
— Specifies the ICMP_TYPE number.
type
The ICMP type is a number from 0 to 255.
— Specifies the ICMP_CODE number.
code
The ICMP code is a number from 0 to 255.
— Specifies the packets that match
permit
the access list description are permitted to be
forward by this switch. An optional QoS
profile can be assigned to the access list, so
that the switch can prioritize packets
accordingly.
— Specifies the packets that match the
deny
access list description are filtered (dropped)
by the switch.
261
Advertisement
Table of Contents
