Brocade Mobility RFS7000-GR Controller CLI Reference Guide Manual de usuario descargar pdf (Pagina 187)

Brocade Mobility RFS7000-GR Controller CLI Reference Guide 173

53-1001945-01

Global Configuration Commands

access-list

Global Configuration Commands

Use this command to add an access list entry. Use the access list command under global

configuration to configure the access list mechanism for filtering frames by protocol type or vendor

code.

Syntax

access-list

For Standard IP ACL’s:

access-list (<1-99>|<1300-1999>) (deny|permit|mark (8021p <0-7> | tos

<0-255>))(A.B.C.D/M | host A.B.C.D | any)(log) (rule-precedence <1-5000>)

For Extended IP ACL’s:

access-list (<100-199>|<2000-2699>) {deny | permit | mark {dot1p <0-7> | tos

<0-255>}} {ip} {source/source-mask | host source | any }

{destination/destination-mask | host destination | any } [log] [rule-precedence

access-list-entry precedence]

access-list (<100-199>|<2000-2699>) {deny | permit | mark {dot1p <0-7> | tos

<0-255>}} {icmp} {source/source-mask | host source | any} {destination/

destination-mask | host destination | any} [icmp-type | [icmp-type icmp-code]]

[log] [rule-precedence access-list-entry precedence]

access-list (<100-199>|<2000-2699>) {deny | permit | mark {dot1p <0-7> | tos

<0-255>}} {tcp|udp} {source/source-mask | host source | any} [operator

source-port] {destination/destination-mask | host destination | any} [operator

destination-port] [log] [rule-precedence access-list-entry precedence]

Parameters

access-list

(<1-99>|<1300-1999>)

(deny|permit|mark

(8021p <0-7> | dscp <0-63>

tos <0-255>))

(A.B.C.D/M | host A.B.C.D |

any)(log)

(rule-precedence <1-5000>)

Adds a standard access list entry.

• (<1-99>|<1300-1999>) – Access numbers from 1 to 99 or 1300 to 1999.

• (deny|permit|mark) – Defines the action types on an ACL. The action type

mark is functional only over a Port ACL.

• 8021p <0-7> – Used only with the action type mark to specify 8021p

priority values.

• dscp <0-63> – Used only with the action type mark to modify DSCP TOS

bits in the IP header for the DSCP codepoint value >0-63>.

• tos <0-255> – Used only with thction type mark to specify type of

service (tos) values.

• (A.B.C.D/M | host A.B.C.D | any) – Source is the source address of the

network or host in dotted decimal. Source-mask is the network mask. For

example, 10.1.1.10/24 indicates the first 24 bits of the source IP are used

for matching.

• The keyword any is an abbreviation for a source IP of 0.0.0.0 and

source-mask bits equal to 0.

• The keyword host is an abbreviation for exact source (A.B.C.D) and

source-mask bits equal to 32.

• log – Generates log messages when the packet coming from the interface

matches the ACL entry. Log messages are generated only for router ACL’s.

• (rule-precedence <1-5000>) – Integer value between

1-5000. This value sets the rule precedence in the ACL.

1 2 ... 182 183 184 185 186 187 188 189 190 191 192 ... 606 607

Comentarios a estos manuales

Sin comentarios

Brocade Mobility RFS7000-GR Controller CLI Reference Guide Manual de usuario Pagina 187

Comentarios a estos manuales

Relacionado con productos y manuales para Accesorios De Computador Brocade Mobility RFS7000-GR Controller CLI Reference Guide