Ip acls, Ip acls -116 – SMC Networks SMC TigerStack 1000 SMC8748M User Manual

C

OMMAND

L

INE

I

NTERFACE

4-116

Masks for Access Control Lists

You must specify optional masks that control the order in which ACL
rules are checked. The switch includes two system default masks that pass/
filter packets matching the permit/deny rules specified in an ingress ACL.
You can also configure up to seven user-defined masks for an ACL. A
mask must be bound exclusively to one of the basic ACL types (i.e., Ingress
IP ACL, Egress IP ACL, Ingress MAC ACL or Egress MAC ACL), but a
mask can be bound to up to four ACLs of the same type.

IP ACLs

Table 4-33 Access Control List Commands

Command Groups

Function

Page

IP ACLs

Configure ACLs based on IP addresses, TCP/
UDP port number, protocol type, and TCP control
code

4-116

MAC ACLs

Configure ACLs based on hardware addresses,
packet format, and Ethernet type

4-133

ACL Information

Display ACLs and associated rules; shows ACLs
assigned to each port

4-144

Table 4-34 IP ACL Commands

Command

Function

Mode

Page

access-list ip

Creates an IP ACL and enters
configuration mode for standard or
extended IP ACLs

GC

4-117

permit, deny

Filters packets matching a specified
source IP address

STD-ACL

4-118

permit, deny

Filters packets meeting the specified
criteria, including source and
destination IP address, TCP/UDP port
number, protocol type, and TCP
control code

EXT-ACL

4-120

show ip access-list Displays the rules for configured IP

ACLs

PE

4-122