D-Link DGS-6600-48TS Configuration Guide - Page 422
Re-sequencing the Criteria Statements in Access Control Lists, Displaying Access Control Lists
View all D-Link DGS-6600-48TS manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 422 highlights
Volume 8-Security & Authentication / Chapter 38-Access Control Lists (ACL) ACL Configuration Commands Re-sequencing the Criteria Statements in Access Control Lists Since the priority of criteria is explicitly specified for some statements and auto-assigned for others, the user may need to re-number the priority numbers to easily configure new statements. When the priority is renumbered, the number is adjusted based on the specified start sequence number and increment number. The ordering of statements is not changed. Use the following command to re-sequence the priority of the access control list entries in an access control list: Command resequence access-list NAME STARTINGSEQUENCE-NUMBER INCREMENT Explanation Re-sequences the priority of the entries in an access control list. In the following example, the user displays the configuration for the "ip server-security" access control list and re-sequences the access control list with an initial value of 1 and an increment value of 2. The user then re-displays the configuration for the "ip server-security" access control list to verify that the changes have been made correctly: DGS-6600:2>enable DGS-6600:15#show access-list ip server-security 10 deny tcp host 192.168.0.222 eq 80 192.168.50.0 255.255.255.0 20 deny tcp host 192.168.0.121 eq 23 192.168.100.0 255.255.255.0 30 permit tcp 192.168.50.0 255.255.255.0 eq 80 host 192.168.0.222 DGS-6600:15#configure terminal DGS-6600:15(config)#resequence access-list server-security 1 2 DGS-6600:15(config)#end DGS-6600:15#show access-list ip server-security 1 deny tcp host 192.168.0.222 eq 80 192.168.50.0 255.255.255.0 3 deny tcp host 192.168.0.121 eq 23 192.168.100.0 255.255.255.0 5 permit tcp 192.168.50.0 255.255.255.0 eq 80 host 192.168.0.222 DGS-6600:15# Displaying Access Control Lists Use the following command to display the access control lists that have been setup on the Switch: Command show access-list [ip NAME | mac NAME | ipv6 NAME] Explanation Displays the access control lists setup on the Switch. DGS-6600 Configuration Guide 422