Configuration Guide User guide

1420 BigIron RX Series Configuration Guide
53-1002484-04
ACLs (IP)
E
Named ACL

Command:
    ip access-list extended | standard <acl-name>
See:
    “Named ACLs: adding a comment to a new ACL” on page 630
    “Deleting ACL entries” on page 631

Command:
    ip access-list extended <string> | <num> deny | permit
    <ip-protocol> <source-ip> | <hostname> <wildcard>
    [<operator> <source-tcp/udp-port>]
    <destination-ip> | <hostname> <wildcard>
    [<operator> <destination-tcp/udp-port>]
    [match-all <tcp-flags>] [match-any <tcp-flags>]
    [<icmp-type>] [established]
    [precedence <name> | <num>] [tos <number>]
    [dscp-matching <number>] [802.1p-priority-matching <number>]
    [dscp-marking <number> 802.1p-priority-marking <number>
    internal-priority-marking <number>]
    [dscp-marking <number> dscp-cos-mapping] [dscp-cos-mapping]
    [fragment] [non-fragment] [first-fragment]
    [fragment-offset <number>] [spi <00000000 - ffffffff>] [log]
See:
    “Configuring standard or extended named ACLs” on page 611
    “Enabling ACL filtering of fragmented or non-fragmented packets” on page 639

Command:
    ip access-list extended <string> | <num> deny | permit host
    <ip-protocol> any any [log]

Command:
    ip access-list extended <acl-name> deny | permit host icmp any any [log]
    <icmp-type> | <type-number> <code-number>
See:
    “ICMP filtering for extended ACLs” on page 640

Command:
    ip access-list standard <string> deny | permit
    <source-ip> | <hostname> <wildcard> [log]
See:
    “Configuring standard or extended named ACLs” on page 611

Command:
    ip access-list standard <string> deny | permit
    <source-ip>/<mask-bits> | <hostname> [log]

Command:
    ip access-list standard <string> deny | permit any [log]

Command:
    ip access-list standard <string> deny | permit host
    <source-ip> | <hostname> [log]

Command:
    no <entire-deny-or-permit-statement>
See:
    “From named ACLs” on page 632

Command:
    remark <string>
See:
    “Named ACLs: adding a comment to a new ACL” on page 630
    “Named ACLs: deleting a comment” on page 631

Command:
    show access-list name <acl-name>
See:
    “Displaying ACL definitions” on page 615

Other ACL commands

Command:
    acl-duplication-check
See:
    “Enabling ACL duplication check” on page 636

Command:
    clear access-list all | ethernet <slot>/<port> | ve <ve-num>
See:
    “Clearing the ACL statistics” on page 638