Brocade Mobility RFS7000-GR Controller CLI Reference Guide (Supporting software release 4.1.0.0-040GR and later) User Manual

Page 188

Advertising
background image

174

Brocade Mobility RFS7000-GR Controller CLI Reference Guide

53-1001945-01

Global Configuration Commands

5

access-list
(<100-199>|<2000-2699>)
{deny | permit | mark {dot1p
dscp <0-637> | tos <0-255>}}
{ip} {source/source-mask | host
source | any }
{destination/destination-mask |
host destination | any } [log]
[rule-precedence
access-list-entry precedence]

Adds an Extended IP access list entry using IP keyword.

<100-199>|<2000-2699> – For IP type of extended ACL, the ACL number
must be between 100-199.

{deny [<icmp|ip|proto|tcp|udp]| permit [<icmp|ip|proto|tcp|udp]
| mark {dot1p <0-7dscp <0-63> | tos <0-255>}} – Action types on an ACL.
The action type

mark

is functional only over a Port ACL.

8021p <0-7> – Used only with the action type

mark

to specify 8021p

priority values.

dscp <0-63> – Used only with the action type

mark

to modify DSCP TOS

bits in the IP header for the DSCP codepoint value <0-63>.

tos <0-255> – Used only with action type

mark

to specify type Of

service (tos) values.

icmp [< A.B.C.D/M> <0-255> | any | host] – Used with the action type

deny

and

permit

to specify ICMP protocol.

ip [< A.B.C.D/M>| any | host] – Used with the action type

deny

and

permit

to specify IP to match any protocol.

proto [ <1-254> |WORD|eigrp|gre|igmp|igp|ospf|vrrp] –

tcp [< A.B.C.D/M>| any | host] –

udp [< A.B.C.D/M>| any|eq <1-65535> | host| range <1-65535>]–

{ip} – Specify ip (to match any protocol)

{source/source-maskA.B.C.D/M | host source | any } – Source is the source
address of the network or host in dotted decimal. M is the network
mask.For example, 10.1.1.10/24 indicates the first 24 bits of the source IP
are used for matching.

The keyword any is an abbreviation for source IP of 0.0.0.0 and
source-mask bits equal to 0.

The keyword host is an abbreviation for exact source (A.B.C.D) and
source-mask bits equal to 32.

{destination/destination-maskA.B.C.D/M | host destination | any } – The
destination host IP address or destination network address.

host – Specifies host address.

any – Any destination IP address.

<0-255> – ICPM type.

<0-255> – ICMP code.

[log [rule-description|rule-precedence] – Generates log messages
when the packet coming from the interface matches the ACL entry. Log
messages are generated only for router ACL’s.

rule-description <WORD>– Access-list entry description that does not
exceed 128 characters.

[rule-precedence [<1-5000> |rule-description] – aAccess-list-entry
precedence] – .Integer value between 1-5000. This value sets the rule
precedence in the ACL.

Advertising
Popular Brands
Popular manuals