Command Reference Guide

ManualsBrandsNEC ManualsBlade ServersNEC N8406-026 10Gb L3 Switch

141

142

143

144

145

146

147

148

149

150

Error! Use the Home tab to apply 見出し 1 to the text that you want to appear here. 145

Access Control List configuration

Command: /cfg/acl/acl <ACL number>

[ACL 1 Menu]

ethernet - Ethernet Header Options Menu

ipv4 - IP Header Options Menu

tcpudp - TCP/UDP Header Options Menu

meter - ACL Metering Configuration Menu

re-mark - ACL Re-mark Configuration Menu

pktfmt - Set to filter specific packet format types

egrport - Set to filter for packets egressing this port

action - Set filter action

stats - Enable/disable statistics for this acl

reset - Reset filtering parameters

cur - Display current filter configuration

These menus allow you to define filtering criteria for each Access Control List (ACL). The following table

describes the ACL Configuration Menu options.

Table 162 ACL Configuration Menu options

Command

Description

ethernet

Displays the ACL Ethernet configuration menu.

ipv4

Displays the ACL IP version 4 configuration menu.

tcpudp

Displays the ACL TCP/UDP configuration menu.

meter

Displays the ACL meter configuration menu.

re-mark

Displays the ACL re-mark configuration menu.

pktfmt

Displays the ACL Packet Format configuration menu.

egrport <port number>

Configures the ACL to function on egress packets.

The egress port ACL will not match a Layer 2 broadcast or multicast

packet. The egress port ACL will not match packets if the destination

port is a trunk.

action

permit|deny|setprio <0-7>

Configures a filter action for packets that match the ACL definitions. You

can choose to permit (pass) or deny (drop) packets, or set the 802.1p

priority for the packets.

stats e|d

Enables or disables the statistics collection for the Access Control List. The

default is disabled.

reset

Resets the ACL parameters to their default values and removes the ACL

from all ports to which it is assigned.

cur

Displays the current ACL parameters.

NOTE: ACL number is available from 1 to 384. ACLs are divided into Precedence Groups. Each

Precedence Group provides a different set of packet classifiers for the ACLs within the Precedence

Group. See the "Quality of Service" chapter in the Application Guide.

ACL Ethernet Filter configuration

Command: /cfg/acl/acl <ACL number>/ethernet

[Filtering Ethernet Menu]

smac - Set to filter on source MAC

dmac - Set to filter on destination MAC

vlan - Set to filter on VLAN ID

etype - Set to filter on ethernet type

pri - Set to filter on priority

reset - Reset all fields

cur - Display current parameters