Alcatel-Lucent 6850-48 Network Guide
ACLMAN Overview
Using ACL Manager
page 39-6
OmniSwitch AOS Release 6 Network Configuration Guide
September 2009
ACL Text Files
ACLMAN supports the importing of common industry ACL statements created and saved to a file using a
text editor. The import command in the Privileged Exec Mode of the ACLMAN shell triggers ACLMAN
to read the specified text file and load the ACL statements into the running configuration. These same
statements also become part of the ACLMAN startup configuration when a write memory command is
performed.
text editor. The import command in the Privileged Exec Mode of the ACLMAN shell triggers ACLMAN
to read the specified text file and load the ACL statements into the running configuration. These same
statements also become part of the ACLMAN startup configuration when a write memory command is
performed.
Note that the write memory command triggers ACLMAN to save the running configuration to the
aclman.cfg file. It is not possible to direct ACLMAN to write to any other file. Other text files are only
read by ACLMAN and are never used to export information from the ACLMAN configuration.
aclman.cfg file. It is not possible to direct ACLMAN to write to any other file. Other text files are only
read by ACLMAN and are never used to export information from the ACLMAN configuration.
ACL statements imported from a text file are treated the same way as statements entered directly through
the ACLMAN interactive shell. For more information about importing ACL text files, see
the ACLMAN interactive shell. For more information about importing ACL text files, see
.
ACL Precedence
ACLMAN allows a user to apply common industry ACLs to an Alcatel-Lucent switch. When these ACLs
are created using ACLMAN configuration tools, they are automatically assigned an Alcatel-Lucent QoS
internal priority of 101.
are created using ACLMAN configuration tools, they are automatically assigned an Alcatel-Lucent QoS
internal priority of 101.
Alcatel-Lucent CLI/SNMP policies are assigned a priority of one by default. As a result, ACLMAN poli-
cies will take precedence over Alcatel-Lucent CLI/SNMP policies unless the Alcatel-Lucent policies are
configured with a precedence value higher than 101.
cies will take precedence over Alcatel-Lucent CLI/SNMP policies unless the Alcatel-Lucent policies are
configured with a precedence value higher than 101.
QoS policies configured through LDAP are given a value in the range 30000 to 65535. Therefore LDAP
policies take precedence over ACLMAN policies.
policies take precedence over ACLMAN policies.
Interaction With the Alcatel-Lucent CLI
CLI command. Once the ACLMAN interactive shell interface is
active, no other Alcatel-Lucent CLI commands are accepted. All ACLMAN configuration is performed
using commands specific to the shell interface. For more information, see
using commands specific to the shell interface. For more information, see
QOS policies configured through ACLMAN are visible through the AOS CLI using the show policy
commands. Note that ACLMAN policies that are not applied to a switch interface are not yet active on the
switch and will not appear in a CLI show command output display.
commands. Note that ACLMAN policies that are not applied to a switch interface are not yet active on the
switch and will not appear in a CLI show command output display.
The ACLMAN show commands only display ACLMAN configuration information. There is no
ACLMAN command at this time that displays Alcatel-Lucent CLI policy configurations.
ACLMAN command at this time that displays Alcatel-Lucent CLI policy configurations.
When the Alcatel-Lucent CLI configuration snapshot command is used to save the switch configuration
to an ASCII text file, ACLMAN configured policies are not included. It is possible, however, to create text
files containing supported ACL syntax and import the contents of the file into the ACLMAN running
configuration. See
to an ASCII text file, ACLMAN configured policies are not included. It is possible, however, to create text
files containing supported ACL syntax and import the contents of the file into the ACLMAN running
configuration. See
for more information.