Reference Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4112F-ON/S4112T-ON

491

492

493

494

495

496

497

498

499

500

Assign sequence number to lter

IP ACLs lter on source and destination IP addresses, IP host addresses, TCP addresses, TCP host addresses, UDP addresses, and UDP

host addresses. Trac passes through the lter by lter sequence. Congure the IP ACL by rst entering IP ACCESS-LIST mode and then

assigning a sequence number to the lter.

User-provided sequence number

• Enter IP ACCESS LIST mode by creating an IP ACL in CONFIGURATION mode.

ip access-list access-list-name

• Congure a drop or forward lter in IPV4-ACL mode.

seq sequence-number {deny | permit | remark} {ip-protocol-number | icmp | ip | protocol | tcp

| udp} {source prefix | source mask | any | host} {destination mask | any | host ip-address}

[count [byte]] [fragments]

Auto-generated sequence number

If you are creating an ACL with only one or two lters, you can let the system assign a sequence number based on the order in which you

congure the lters. The system assigns sequence numbers to lters using multiples of ten values.

• Congure a deny or permit lter to examine IP packets in IPV4-ACL mode.

{deny | permit} {source mask | any | host ip-address} [count [byte]] [fragments]

• Congure a deny or permit lter to examine TCP packets in IPV4-ACL mode.

{deny | permit} tcp {source mask] | any | host ip-address}} [count [byte]] [fragments]

• Congure a deny or permit lter to examine UDP packets in IPV4-ACL mode.

{deny | permit} udp {source mask | any | host ip-address}} [count [byte]] [fragments]

Assign sequence number to lter

OS10(config)# ip access-list acl1

OS10(conf-ipv4-acl)# seq 5 deny tcp any any capture session 1 count

View ACLs and packets processed through ACL

OS10# show ip access-lists in

Ingress IP access-list acl1

Active on interfaces :

ethernet1/1/5

seq 5 permit ip any any count (10000 packets)

L2 and L3 ACLs

Congure both L2 and L3 ACLs on an interface in L2 mode. Rules apply if you use both L2 and L3 ACLs on an interface.

• L3 ACL lters packets and then the L2 ACL lters packets

• Egress L3 ACL lters packets

Rules apply in order:

• Ingress L3 ACL

• Ingress L2 ACL

• Egress L3 ACL

Access Control Lists

491