Reference Guide
218 | Access Control Lists (ACL)
www.dell.com | support.dell.com
Command
History
Usage
Information
The number of entries allowed per ACL is hardware-dependent. Refer to your line
card documentation for detailed specification on entries allowed per ACL.
Prior to 7.8.1.0, names are up to 16 characters long.
Example
FTOS(conf)#ip access-list extended TESTListEXTEND
FTOS(config-ext-nacl)#
Related
Commands
permit
c e s
Configure a filter to pass IP packets meeting the filter criteria.
Syntax
permit {ip | ip-protocol-number} {source mask | any | host ip-address} {destination mask |
any | host ip-address} [count [byte] | log] [dscp value] [order] [monitor] [fragments]
To remove this filter, you have two choices:
• Use the
no seq sequence-number command syntax if you know the filter’s
sequence number or
• Use the
no deny {ip | ip-protocol-number} {source mask | any | host ip-address}
{
destination mask | any | host ip-address} command.
Parameters
Version 8.3.19.0 Introduced on S4820T
Version 8.3.10.0 Introduced on S4810
Version 8.1.1.0 Introduced on E-Series ExaScale
Version 7.8.1.0 Increased name string to accept up to 140 characters. Prior to 7.8.1.0, names
are up to 16 characters long.
Version 7.6.1.0 Support added for S-Series
Version 7.5.1.0 Support added for C-Series
pre-Version 6.2.1.1 Introduced on E-Series
ip access-list standard Configure a standard IP access list.
show config Display the current configuration.
ip
Enter the keyword ip to configure a generic IP access list. The keyword
ip specifies that the access list will permit all IP protocols.
ip-protocol-number
Enter a number from 0 to 255 to permit based on the protocol identified
in the IP protocol header.
S4810 and S4820T Range: 0 to 128
source
Enter the IP address of the network or host from which the packets
were sent.
mask
Enter a network mask in /prefix format (/x) or A.B.C.D. The mask,
when specified in A.B.C.D format, may be either contiguous or
non-contiguous.