Mellanox MLNX-OS User Manual for SX1018HP Ethernet Managed Blade Switch

ManualsBrandsHP ManualsComputer AccessoriesMellanox SX1018HP Ethernet Switch for c-Class BladeSystem

511

512

513

514

515

516

517

518

519

520

Rev 2.10

Mellanox Technologies

518

Mellanox Technologies Confidential

deny/permit (IPv4 ACL rule)

[seq-number <sequence-number>] {permit | deny} ip {<source-ip> [mask <ip>] |

[any]} {<dest-ip> [mask <ip>] | [any]} [action <action-id>]

no <sequence-number>

Creates a rule for IPv4 ACL.

The no form of the command deletes a rule from the IPv4 ACL.

Syntax Description sequence-number Optional parameter to set a specific sequence number

for the rule. The range is:1-500.

deny | permit Determines the type of the rule, deny or permit action.

Valid mask values fall in the range 0-255.

{any | <source-ip> [mask

<ip>]}

Sets source IP and optionally sets a mask for that IP

address. The “any” option causes the rule to not check

the source IP.

Valid mask values fall in the range 0-255.

{any | <destination-ip>

[mask <ip>]}

Sets destination IP and optionally sets a mask for that

MAC. The “any” option causes the rule to not check

the destination MAC.

Default No rule is added by default to access control list.

Default sequence number is in multiple of 10.

Configuration Mode Config IPv4 ACL

History 3.1.1400 First version

3.3.4300 Updated syntax description of mask <ip> parameter

Role admin

Example

switch (config ipv4 access-list my-list) # seq-number 51 deny ip 1.1.1.1

mask 123.12.13.53 45.45.45.0 mask 123.132.21.123

switch (config ipv4 access-list my-list) #

Related Commands ipv4/mac access-list

ipv4/mac port access-group

Note