Service Manual
ip access-group
Apply an egress IP ACL to an interface.
Syntax ip access-group access-list-name {in | out} [implicit-permit] [vlan vlan-id]
Parameters
access-list-name Enter the name of a configured access list, up to 140 characters.
in Enter the keyword in to apply the ACL to incoming traffic.
out Enter the keyword out to apply the ACL to the outgoing traffic.
implicit-permit (OPTIONAL) Enter the keyword implicit-permit to change the default action of
the ACL from implicit-deny to implicit-permit (that is, if the traffic does not match the
filters in the ACL, the traffic is permitted instead of dropped).
vlan vlan-id (OPTIONAL) Enter the keyword vlan then the ID numbers of the VLANs.
Defaults Not enabled..
Command Modes INTERFACE
Command History
Version Description
9.9(0.0) Introduced on the FN IOM.
8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module platform.
Usage Information You can assign one ACL (standard or extended ACL) to an interface..
NOTE: This command is
not
supported on the MXL Switch Loopback interfaces.
NOTE: If outbound(egress) IP ACL is applied on switch port, filter will be applied only for routed traffic
egressing out of that port.
Related Commands
ip access-list standard — configures a standard ACL.
ip access-list extended — configures an extended ACL.
show ip access-lists
Display all of the IP ACLs configured in the system, whether or not they are applied to an interface, and the count of matches/mismatches
against each ACL entry displayed.
Syntax
show ip access-lists [access-list-name] [interface interface] [in]
Parameters
access-list-name Enter the name of a configured MAC ACL, up to 140 characters.
interface interface Enter the keyword interface then the one of the following keywords and slot/port or
number information:
• For a Port Channel interface, enter the keywords port-channel then a number.
The range is from 1 to 128.
•
For a 10-Gigabit Ethernet interface, enter the keyword TenGigabitEthernet
then the slot/port information.
Access Control Lists (ACL) 145