Dell Force10 MXL Blade MXL 10/40GbE Switch IO Module FTOS Command Line Referen - Page 98
Standard IP ACL Commands, deny
View all Dell Force10 MXL Blade manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 98 highlights
www.dell.com | support.dell.com Standard IP ACL Commands When an ACL is created without any rule and then applied to an interface, ACL behavior reflects an implicit permit. The MXL 10/40GbE Switch IO Module platform supports both ingress and egress IP ACLs. The commands needed to configure a Standard IP ACL are: • deny • ip access-list standard • permit Note: See also Commands Common to all ACL Types and Common IP ACL Commands. deny Configure a filter to drop packets with a certain IP address. Syntax deny {source [mask] | any | host ip-address} [count [byte]] [dscp value] [order] [fragments] To remove this filter, you have two choices: • Use the no seq sequence-number command if you know the filter's sequence number. • Use the no deny {source [mask] | any | host ip-address} command. Parameters source mask any host ip-address count byte dscp order fragments Enter the IP address in dotted decimal format of the network from which the packet was sent. (OPTIONAL) Enter a network mask in /prefix format (/x) or A.B.C.D. The mask, when specified in A.B.C.D format, may be either contiguous or non-contiguous (discontiguous). Enter the keyword any to specify that all routes are subject to the filter. Enter the keyword host followed by the IP address to specify a host IP address only. (OPTIONAL) Enter the keyword count to count packets processed by the filter. (OPTIONAL) Enter the keyword byte to count bytes processed by the filter. (OPTIONAL) Enter the keyword dscp to match to the IP DSCP values. (OPTIONAL) Enter the keyword order to specify the QoS order of priority for the ACL entry. Range: 0-254 (where 0 is the highest priority and 254 is the lowest; lower order numbers have a higher priority) Default: If the order keyword is not used, the ACLs have the lowest order by default (255). Enter the keyword fragments to use ACLs to control packet fragments. Defaults Not configured. Command Modes CONFIGURATION-IP ACCESS-LIST-STANDARD 98 | Access Control Lists (ACL)