ProLiant BL p-Class GbE2 Interconnect Switch ISCLI Reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProLiant BL p-Class C-GbE2 Interconnect Switch

131

132

133

134

135

136

137

138

139

140

Configuration Commands 131

Access Control configuration

Use these commands to create Access Control Lists (ACLs), ACL Blocks, and ACL Groups. ACLs define matching

criteria used for IP filtering and Quality of Service functions.

Access Control List configuration

These commands allow you to define filtering criteria for each Access Control List (ACL). The following table describes

the basic ACL Configuration commands.

Table 158 ACL Configuration commands

Command Description

[no] access-control list <1-4096>

egress-port <port number>

Configures the ACL to function on egress packets.

Command mode: Global configuration

access-control list <1-4096>

action {permit|deny|class-of-

service <0-7>}

Configures a filter action for packets that match the ACL definitions.

You can choose to permit (pass) or deny (drop) packets, or set the

Class of Service queue that handles the packets.

Command mode: Global configuration

access-control list <1-4096>

statistics

Enables or disables the statistics collection for the Access Control List.

Command mode: Global configuration

default access-control list

<1-4096>

Resets the ACL parameters to their default values.

Command mode: Global configuration

show access-control list <1-4096> Displays the current ACL parameters.

Command mode: All except User EXEC

ACL Ethernet Filter configuration

These commands allow you to define Ethernet matching criteria for an ACL. The following table describes the Ethernet

Filter Configuration commands.

Table 159 Ethernet Filter Configuration commands

Command Description

access-control list <1-4096> ethernet

source-mac-address <MAC address> {<MAC

mask>}

Defines the source MAC address for this ACL.

Command mode: Global configuration

access-control list <1-4096> ethernet

destination-mac-address <MAC address>

{<MAC mask>}

Defines the destination MAC address for this ACL.

Command mode: Global configuration

access-control list <1-4096> ethernet

vlan <1-4095> <mask>

Defines a VLAN number and mask for this ACL.

Command mode: Global configuration

access-control list <1-4096> ethernet

ethernet-type {ARP|IP|IPv6|MPLS|

RARP|any|0xXXXX}

Defines the Ethernet type for this ACL.

Command mode: Global configuration

access-control list <1-4096> ethernet

priority <0-7>

Defines the Ethernet priority value for the ACL.

Command mode: Global configuration

default access-control list <1-4096>

ethernet

Resets Ethernet parameters for the ACL to their default values.

Command mode: Global configuration

show access-control list {<1-4096>}

ethernet

Displays the current Ethernet parameters for the ACL.

Command mode: All except User EXEC