Users Guide
Security commands.................................................................................................................................................352
Simple network management protocol....................................................................................................................... 360
SNMP commands................................................................................................................................................... 360
OS10 image upgrade..................................................................................................................................................... 362
Boot system partition..............................................................................................................................................363
Upgrade commands................................................................................................................................................ 363
6 Access Control Lists.................................................................................................................................. 369
IP ACLs........................................................................................................................................................................... 369
MAC ACLs...................................................................................................................................................................... 370
IP fragment handling..................................................................................................................................................... 370
IP fragments ACL.....................................................................................................................................................370
L3 ACL rules.................................................................................................................................................................... 371
Permit ACL with L3 information only..................................................................................................................... 371
Deny ACL with L3 information only........................................................................................................................371
Permit all packets from host................................................................................................................................... 371
Permit only rst fragments and non-fragmented packets from host................................................................ 371
Assign sequence number to lter.................................................................................................................................372
User-provided sequence number...........................................................................................................................372
Auto-generated sequence number........................................................................................................................ 372
L2 and L3 ACLs.............................................................................................................................................................. 372
Assign and apply ACL lters......................................................................................................................................... 373
Ingress ACL lters.......................................................................................................................................................... 374
Egress ACL lters...........................................................................................................................................................374
Clear access-list counters.............................................................................................................................................375
IP prex-lists................................................................................................................................................................... 375
Route-maps.................................................................................................................................................................... 376
Match routes.................................................................................................................................................................. 377
Set conditions.................................................................................................................................................................377
continue Clause..............................................................................................................................................................378
ACL ow-based monitoring.......................................................................................................................................... 378
Flow-based mirroring...............................................................................................................................................378
Enable ow-based monitoring......................................................................................................................................379
ACL commands..............................................................................................................................................................380
clear ip access-list counters................................................................................................................................... 380
clear ipv6 access-list counters...............................................................................................................................380
clear mac access-list counters................................................................................................................................381
deny............................................................................................................................................................................381
deny (IPv6)...............................................................................................................................................................382
deny (MAC)..............................................................................................................................................................382
deny icmp..................................................................................................................................................................383
deny icmp (IPv6)..................................................................................................................................................... 383
deny ip.......................................................................................................................................................................384
deny ipv6...................................................................................................................................................................384
deny tcp.................................................................................................................................................................... 385
deny tcp (IPv6)........................................................................................................................................................386
10
Contents