Manualshelf

Concept Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S3048-ON
111112113114115116117118119120
A standard IP ACL uses the source IP address as its match criterion.
1 Enter IP ACCESS LIST mode by naming a standard IP access list.
CONFIGURATION mode
ip access-list standard access-listname
2 Congure a drop or forward lter.
CONFIG-STD-NACL mode
seq sequence-number {deny | permit} {source [mask] | any | host ip-address} [count [byte]
[dscp] [order] [monitor [session-id]] [fragments]
NOTE: When assigning sequence numbers to lters, keep in mind that you might need to insert a new lter. To prevent
reconguring multiple lters, assign sequence numbers in multiples of ve.
To view the rules of a particular ACL congured on a particular interface, use the show ip accounting access-list ACL-name
interface interface command in EXEC Privilege mode.
Example of Viewing the Rules of a Specic ACL on an Interface
The following is an example of viewing the rules of a specic ACL on an interface.
DellEMC#show ip accounting access-list ToOspf interface gig 1/6
Standard IP access list ToOspf
seq 5 deny any
seq 10 deny 10.2.0.0 /16
seq 15 deny 10.3.0.0 /16
seq 20 deny 10.4.0.0 /16
seq 25 deny 10.5.0.0 /16
seq 30 deny 10.6.0.0 /16
seq 35 deny 10.7.0.0 /16
seq 40 deny 10.8.0.0 /16
seq 45 deny 10.9.0.0 /16
seq 50 deny 10.10.0.0 /16
DellEMC#
The following example shows how the seq command orders the lters according to the sequence number assigned. In the example, lter
25 was congured before lter 15, but the
show config command displays the lters in the correct order.
DellEMC(config-std-nacl)#seq 25 deny ip host 10.5.0.0 any log
DellEMC(config-std-nacl)#seq 15 permit tcp 10.3.0.0 /16 any monitor 300
DellEMC(config-std-nacl)#show config
!
ip access-list standard dilling
seq 15 permit tcp 10.3.0.0/16 any monitor 300
seq 25 deny ip host 10.5.0.0 any log
DellEMC(config-std-nacl)#
To delete a lter, use the no seq sequence-number command in IP ACCESS LIST mode. If you are creating a standard ACL with only
one or two lters, you can let Dell EMC Networking OS assign a sequence number based on the order in which the lters are congured.
The software assigns lters in multiples of 5.
Conguring a Standard IP ACL Filter
If you are creating a standard ACL with only one or two lters, you can let Dell EMC Networking OS assign a sequence number based on
the order in which the lters are congured. The software assigns lters in multiples of ve.
1 Congure a standard IP ACL and assign it a unique name.
CONFIGURATION mode
120
Access Control Lists (ACLs)