Ip acls, Ip acls -114 – SMC Networks SMC Tiger 10/100 SMC6128L2 User Manual

C

OMMAND

L

INE

I

NTERFACE

4-114

The following restrictions apply to ACLs:

•

Each ACL can have up to 60 rules.

•

This switch supports ACLs for ingress filtering only. However, you can
only bind one IP ACL to any port for ingress filtering. In other words,
only one ACL can be bound to an interface - Ingress IP ACL.

The order in which active ACLs are checked is as follows:
1. User-defined rules in the Ingress IP ACL for ingress ports.
2. Explicit default rule (permit any any) in the ingress IP ACL for ingress

ports.

3. If no explicit rule is matched, the implicit default is permit all.

IP ACLs

Table 4-33 Access Control List Commands

Command Groups

Function

Page

IP ACLs

Configure ACLs based on IP addresses, TCP/
UDP port number, protocol type, and TCP control
code

4-114

ACL Information

Display ACLs and associated rules; shows ACLs
assigned to each port

4-122

Table 4-34 IP ACL Commands

Command

Function

Mode

Page

access-list ip

Creates an IP ACL and enters
configuration mode for standard or
extended IP ACLs

GC

4-115

permit, deny

Filters packets matching a specified
source IP address

STD-ACL

4-116

permit, deny

Filters packets meeting the specified
criteria, including source and
destination IP address, TCP/UDP port
number, protocol type, and TCP
control code

EXT-ACL

4-117