Brocade Communications Systems RFS6000 User Manual

Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide

225

53-1001931-01

Global Configuration commands

5

•

When the access list is applied on an Ethernet port, it becomes a port ACL

•

When the access list is applied on a VLAN interface, it becomes a router ACL

•

When the access list is applied on a WLAN index, it becomes a WLAN ACL

A MAC access list (to allow arp), is mandatory for both port and WLAN ACL’s. For more information
on how to configure a MAC access list, see

permit on page 499

.

Example

The example below creates a standard access list (ACL) to permit any traffic coming to the
interface:

RFController(config)#access-list 1 permit any

RFController(config)#

The example below creates a extended IP access list to permit IP traffic between two networks:

RFController(config)#access-list 101 permit ip 192.168.1.0/24 192.168.2.0/24

RFController(config)#

The example below creates a extended access list to permit tcp traffic, between two networks, with
destination port range between 20 and 23:

RFController(config)#access-list 101 permit tcp 192.168.1.0/24 192.168.2.0/24

range 20 23

RFController(config)#

The example below denies icmp traffic from any source to any destination:

RFController(config)#access-list 115 deny icmp any any

RFController(config)#access-list 115 permit ip any any

RFController(config)#