Home » Dell Manuals » Hubs & Switches » Dell PowerConnect 6024 » Manual Viewer

Dell PowerConnect 6024 Command Line Interface (CLI) Guide (.htm) - Page 78

Specifies the UDP/TCP destination port. Use

View all Dell PowerConnect 6024 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 78 highlights

www.dell.com | support.dell.com Syntax permit {any | protocol-ip} {any | source source-wildcard } {any | destination destinationwildcard } [dscp dscp-number | ip-precedence ip-precedence] permit-tcp {any | source source-wildcard } {any | source-port} {any | destination destination-wildcard } {any | destination-port} [dscp dscp-number | ip-precedence ipprecedence] permit-udp {any | source source-wildcard } {any | source-port} {any | destination destination-wildcard } {any | destination-port} [dscp dscp-number | ip-precedence ipprecedence] • Source IP address can be one of the following: - any-Packets received from any IP address. - source source-wildcard-IP address and wildcard for host from which the packet is sent. Specify the IP address as 0.0.0.0 and mask as 255.255.255.255. • Destination IP address can be one of the following: - any-Packets sent to any IP address. - destination destination-wildcard-IP address and wildcard for host to which the packet is sent. Specify the IP address as 0.0.0.0 and mask as 255.255.255.255. • protocol-The name or the number of an IP protocol. Use ? to see list of available protocols (icmp, igmp, ip, tcp, egp, igp, udp, hmp, rdp, idpr, ipv6, ipv6-route, ipv6-frag, idrp, rsvp, gre, esp, ah, ipv6-icmp, eigrp, ospf, ipip, pim, l2tp, isis), use any for all protocols. • destination-port-Specifies the UDP/TCP destination port. Use any for all ports. • source-port-Specifies the UDP/TCP source port. Use any for all ports. • dscp-Matches dscp number with the packet DSCP value. • precedence-Matches ip-precedence with the packet ip-precedence value. Default Configuration This command has no default configuration. Command Mode IP Access-list Configuration mode User Guidelines When an access control entry (ACE) is added to an access control list, an implied deny-anyany condition exists at the end of the list. If there are no matches, the packets are denied. However, before the first ACE is added, the list permits all packets. 78 ACL Commands

Section	Page
Command Groups	25
Introduction	25
Command Groups	25
AAA Commands	27
ACL Commands	28
Address Table Commands	28
Clock Commands	29
Configuration and Image Files Commands	30
DHCP Relay Commands	30
Ethernet Configuration Commands	30
GVRP Commands	31
IGMP Snooping Commands	33
IP Addressing	33
IP Routing	34
LACP Commands	35
Line Commands	35
Management ACL Commands	35
Multicast Routing	36
OSPF	36
PHY Diagnostics Commands	38
Port Channel Commands	38
Port Monitor Commands	38
QoS Commands	39
Radius Commands	40
RIP Commands	40
RMON Commands	41
SNMP Commands	41
Spanning Tree Commands	42
SSH Commands	43
Syslog Commands	44
System Management Commands	44
TACACS+ Commands	45
User Interface Commands	45
VLAN Commands	46
VRRP Commands	47
Web Server Commands	47
802.1x Commands	48
Using the CLI	49
CLI Command Modes	49
Introduction	49
User EXEC Mode	50
Privileged EXEC Mode	50
Global Configuration Mode	51
Interface Configuration Mode and Specific Configuration Modes	52
Starting the CLI	53
Editing Features	53
Entering Commands	53
Terminal Command Buffer	54
Negating the Effect of Commands	55
Command Completion	55
Keyboard Shortcuts	55
CLI Command Conventions	56
AAA Commands	57
aaa authentication login	57
aaa authentication enable	58
login authentication	59
enable authentication	60
ip http authentication	61
ip https authentication	62
password	63
enable password	63
username	64
passwords min-length	65
password-aging	66
passwords aging	66
passwords history	67
passwords history hold-time	68
aaa login-history file	69
set username active	69
set line active	70
set enable-password active	71
show authentication methods	71
show users accounts	72
show passwords configuration	73
show users login-history	75
ACL Commands	77
ip access-list	77
permit (IP)	77
deny (IP)	79
mac access-list	80
permit (MAC)	81
deny (MAC)	82
service-acl	83
show access-lists	84
show interfaces access-lists	84
Address Table Commands	87
bridge address	87
bridge multicast filtering	88
bridge multicast address	88
bridge multicast forbidden address	89
bridge multicast forward-all	90
bridge multicast forbidden forward-all	91
bridge aging-time	92
clear bridge	93
port security	93
port security routed secure-address	94
show bridge address-table	95
show bridge address-table static	96
show bridge multicast address-table	97
show bridge multicast filtering	98
show ports security	99
Clock	101
clock source	101
clock timezone	101
clock summer-time	102
sntp authentication-key	103
sntp authenticate	104
sntp trusted-key	105
sntp client poll timer	106
sntp broadcast client enable	106
sntp anycast client enable	107
sntp client enable	107
sntp unicast client enable	108
sntp unicast client poll	109
sntp server	109
show clock	110
show sntp configuration	112
show sntp status	113
DHCP Relay Commands	115
ip dhcp relay enable	115
ip dhcp relay address	115
show ip dhcp relay	116
Configuration and Image Files	117
configure	117
copy	117
delete startup-config	121
boot system	121
show running-config	122
show startup-config	123
show backup-config	126
show bootvar	127
Ethernet Configuration Commands	129
interface ethernet	129
interface range ethernet	129
interface out-of-band-eth	130
shutdown	131
description	131
speed	132
duplex	133
negotiation	134
flowcontrol	134
mdix	135
back-pressure	136
port jumbo-frame	136
clear counters	137
set interface active	137
show interfaces configuration	138
show interfaces status	140
show interfaces description	142
show interfaces counters	143
show ports jumbo-frame	146
port storm-control include-multicast	147
port storm-control broadcast enable	147
port storm-control broadcast rate	148
show ports storm-control	149
show interfaces advertise	149
GVRP Commands	151
gvrp enable (global)	151
gvrp enable (interface)	151
garp timer	152
gvrp vlan-creation-forbid	153
gvrp registration-forbid	154
clear gvrp statistics	154
show gvrp configuration	155
show gvrp statistics	157
show gvrp error-statistics	157
IP Addressing Commands	159
ip address	159
ip address dhcp	160
ip default-gateway	161
show ip interface	161
arp	162
arp timeout	163
ip proxy-arp	164
clear arp-cache	164
show arp	165
directed-broadcast	165
broadcast-address	166
ip helper-address	167
helper-address	168
show ip helper-address	169
ip domain-lookup	170
ip domain-name	170
ip name-server	171
ip host	171
clear host	172
clear host dhcp	173
show hosts	173
IGMP Snooping Commands	175
ip igmp snooping (Global)	175
ip igmp snooping (Interface)	175
ip igmp snooping mrouter	176
ip igmp snooping host-time-out	176
ip igmp snooping mrouter-time-out	177
ip igmp snooping leave-time-out	178
show ip igmp snooping mrouter	178
show ip igmp snooping interface	179
show ip igmp snooping groups	180
IP Routing Protocol-Independent Commands	183
interface ip	183
ip route	183
key-chain	184
key (key chain)	185
key (global)	186
key-string	186
accept-lifetime	188
send-lifetime	189
ip maximum-paths	190
show ip route	191
show ip protocols	193
show key-chains	195
show keys	196
LACP Commands	197
lacp system-priority	197
lacp port-priority	197
lacp timeout	198
show lacp ethernet	198
show lacp port-channel	199
Line Commands	201
line	201
speed	201
exec-timeout	202
show line	203
terminal history	204
terminal history size	204
Management ACL	207
management access-list	207
permit (management)	208
deny (management)	209
management access-class	210
show management access-list	211
show management access-class	211
Multicast Routing Commands	213
ip multicast-routing	213
ip dvmrp	213
ip dvmrp metric	214
ip igmp	214
ip igmp query-interval	215
ip igmp last-member-query-interval	216
ip igmp query-max-response-time	217
ip igmp version	218
ip igmp static-group	219
show ip mroute	219
show ip mroute-next-hop	222
show ip dvmrp interface	223
show ip dvmrp neighbor	224
show ip dvmrp next-hop	226
show ip dvmrp route	227
show ip dvmrp prune	228
show ip igmp interface	229
show ip igmp groups	230
OSPF Commands	233
router ospf enable	233
router ospf area	233
router ospf redistribute rip	234
router ospf redistribute static	235
router ospf redistribute connected	236
router ospf area virtual-link	236
hello-interval	237
dead-interval	238
retransmit-interval	238
transmit-delay	239
authentication	240
router ospf router-id	241
router ospf area stub	241
router ospf area default-cost	242
ospf	243
ospf enable	244
ospf area	244
ospf cost	245
ospf priority	246
ospf hello-interval	247
ospf dead-interval	247
ospf retransmit-interval	248
ospf transmit-delay	249
router ospf compatible rfc1583	250
ospf authentication	250
clear ip ospf process	251
show ip ospf	252
show ip ospf virtual-links	253
show ip ospf database	254
show ip ospf interface	267
show ip ospf neighbor	268
PHY Diagnostics Commands	271
test copper-port tdr	271
show copper-ports tdr	272
show copper-ports cable-length	272
show fiber-ports optical-transceiver	273
Port Channel Commands	277
interface port-channel	277
interface range port-channel	277
channel-group	278
show interfaces port-channel	279
Port Monitor Commands	281
port monitor	281
port monitor vlan-tagging	282
show ports monitor	283
QoS Commands	285
qos	285
show qos	285
priority-queue out num-of-queues	286
traffic-shape	287
qos wrr-queue threshold	287
wrr-queue bandwidth	288
wrr-queue	289
show qos interface	290
qos map dscp-queue	294
qos map tcp-port-queue	295
qos map udp-port-queue	296
wrr-queue cos-map	296
show qos map	297
qos trust (Global)	300
qos trust (Interface)	301
qos cos	302
qos dscp-mutation	302
qos map dscp-mutation	303
qos aggregate-policer	304
show qos aggregate-policer	304
qos map policed-dscp	305
class-map	306
show class-map	307
match	307
policy-map	308
show policy-map	309
class	310
police	311
police aggregate	312
trust	313
set	314
service-policy	314
Radius Commands	317
radius-server host	317
radius-server key	318
radius-server retransmit	319
radius-server source-ip	319
radius-server timeout	320
radius-server deadtime	320
show radius-servers	321
RIP Commands	323
router rip enable	323
router rip redistribute ospf	323
router rip redistribute static	324
rip	324
rip passive-interface	325
rip auto-send	325
rip version	326
rip offset	327
rip default-route originate	327
rip default-route offset	328
rip authentication	329
show ip rip	330
RMON Commands	333
show rmon statistics	333
rmon collection history	335
show rmon collection history	336
show rmon history	337
rmon alarm	340
show rmon alarm-table	341
show rmon alarm	342
rmon event	344
show rmon events	345
show rmon log	346
rmon table-size	347
SNMP Commands	349
SNMP General Commands	349
snmp-server contact	349
snmp-server location	349
snmp-server enable traps	350
snmp-server trap authentication	350
snmp-server set	351
snmp-server view	352
snmp-server group	353
snmp-server filter	354
show snmp	355
show snmp views	357
show snmp groups	358
show snmp filters	359
SNMPv1/v2 Commands	360
snmp-server community	360
snmp-server host	362
SNMPv3 Commands	363
snmp-server user	363
snmp-server v3-host	365
show snmp engineID	366
show snmp users	367
Spanning-Tree Commands	369
spanning-tree	369
spanning-tree mode	369
spanning-tree forward-time	370
spanning-tree hello-time	370
spanning-tree max-age	371
spanning-tree priority	372
spanning-tree disable	372
spanning-tree cost	373
spanning-tree port-priority	373
spanning-tree portfast	374
spanning-tree link-type	375
spanning-tree bpdu	375
clear spanning-tree detected-protocols	376
show spanning-tree	377
spanning-tree pathcost method	391
spanning-tree mst priority	392
spanning-tree mst max-hops	393
spanning-tree mst port-priority	393
spanning-tree mst cost	394
spanning-tree mst configuration	395
instance (mst)	396
name (mst)	396
revision (mst)	397
show (mst)	398
exit (mst)	399
abort (mst)	399
SSH Commands	401
ip ssh port	401
ip ssh server	401
crypto key generate dsa	402
crypto key generate rsa	402
ip ssh pubkey-auth	403
crypto key pubkey-chain ssh	404
user-key	404
key-string	405
show ip ssh	406
show crypto key mypubkey	407
show crypto key pubkey-chain ssh	408
Syslog Commands	411
logging on	411
logging	411
logging console	412
logging buffered	413
logging buffered size	413
clear logging	414
logging file	415
clear logging file	415
aaa logging	416
file-system logging	416
management logging	417
show logging	418
show logging file	420
show syslog-servers	422
System Management	423
ping	423
reload	424
clock set	425
hostname	426
asset-tag	426
show users	427
show clock	427
show system	428
show version	430
show system id	430
traceroute	431
telnet	434
resume	437
TACACS+ Commands	439
tacacs-server host	439
tacacs-server key	440
tacacs-server source-ip	440
tacacs-server timeout	441
show tacacs	442
User Interface	445
enable	445
disable	445
login	446
exit(configuration)	446
exit(EXEC)	447
end	447
help	448
history	448
history size	449
debug-mode	450
show history	450
show privilege	451
VLAN Commands	453
vlan database	453
vlan	453
interface vlan	454
interface range vlan	454
name	455
switchport mode	456
switchport access vlan	456
switchport trunk allowed vlan	457
switchport trunk native vlan	458
switchport general allowed vlan	458
switchport general pvid	459
switchport general ingress-filtering disable	460
switchport general acceptable-frame-type tagged-only	460
switchport forbidden vlan	461
switchport protected	462
map protocol protocols-group	463
switchport general map protocols-group vlan	463
show vlan	464
show vlan internal usage	465
show vlan protocols-groups	466
show interfaces switchport	467
VRRP Commands	469
vrrp ip	469
vrrp up	469
vrrp timer	470
vrrp priority	471
vrrp source-ip	472

Match case Limit results 1 per page

ACL Commands

www.dell.com | support.dell.com

Syntax

permit

{

any

| protocol-ip} {

any

source

source-wildcard } {

any

destination

destination-

wildcard } [

dscp

dscp-number |

ip-precedence

ip-precedence]

permit-tcp

{

any

source

source-wildcard } {

any

| source-port} {

any

destination

destination-wildcard } {

any

| destination-port} [

dscp

dscp-number |

ip-precedenc

e ip-

precedence]

permit-udp

{

any

source

source-wildcard } {

any

| source-port} {

any

destination

destination-wildcard } {

any

| destination-port} [

dscp

dscp-number |

ip-precedence

ip-

precedence]

•

Source IP address can be one of the following:

–

any

—Packets received from any IP address.

–

source

source-wildcard

—IP address and wildcard for host from which the packet is

sent. Specify the IP address as 0.0.0.0 and mask as 255.255.255.255.

•

Destination IP address can be one of the following:

–

any

—Packets sent to any IP address.

–

destination

destination-wildcard

—IP address and wildcard for host to which the

packet is sent. Specify the IP address as 0.0.0.0 and mask as 255.255.255.255.

•

protocol

—The name or the number of an IP protocol. Use

to see list of available

protocols (

icmp

igmp

tcp

egp

igp

udp

hmp

rdp

idpr

ipv6

ipv6-route

ipv6-frag

idrp

rsvp

gre

esp

ipv6-icmp

eigrp

ospf

ipip

pim

l2tp

isis

), use

any

for all

protocols.

•

destination-port

—Specifies the UDP/TCP destination port. Use

any

for all ports.

•

source-port

—Specifies the UDP/TCP source port. Use

any

for all ports.

•

dscp

—Matches

dscp number

with the packet DSCP value.

•

precedence

—Matches

ip-precedence

with the packet ip-precedence value.

Default Configuration

This command has no default configuration.

Command Mode

IP Access-list Configuration mode

User Guidelines

When an access control entry (ACE) is added to an access control list, an implied

deny-any-

any

condition exists at the end of the list. If there are no matches, the packets are denied.

However, before the first ACE is added, the list permits all packets.