Alcatel-Lucent 6850-48 Guida Di Rete
Using ACL Manager
Quick Steps for Creating ACLs
OmniSwitch AOS Release 6 Network Configuration Guide
September 2009
page 39-3
Quick Steps for Creating ACLs
The following steps provide a quick tutorial for creating a standard ACL using the ACLMAN shell:
1 Activate the ACLMAN shell using the aclman CLI command.
-> aclman
Welcome to ACLMAN
Aclman#
When the shell goes operational, the Privileged Exec Mode is automatically activated.
2 Enter the configure terminal command to access the Global Configuration Mode.
Aclman#configure terminal
Aclman(config)#
3 Use the access-list command to create a standard ACL that will permit traffic originating from a
specific IP network.
specific IP network.
Aclman(config)#access-list 1 permit 10.0.0.0 0.255.255.255
4 Use the interface ethernet command to enter the Interface Configuration Mode for a specific ethernet
switch port. To specify the switch port, enter the slot number followed by a slash and the port number on
that slot (e.g. 3/1 specifies port 1 on slot 3).
switch port. To specify the switch port, enter the slot number followed by a slash and the port number on
that slot (e.g. 3/1 specifies port 1 on slot 3).
Aclman(config)#interface ethernet 1/1
Aclman(config-if)#
5 Use the ip access-group command to associate the access list created in Step 3 as a filter for either
incoming (in) or outgoing (out) traffic on port 1/1.
incoming (in) or outgoing (out) traffic on port 1/1.
Aclman(config-if)#ip access-group 1 in
6 Enter the exit command to return to the Global Configuration Mode to create additional ACL entries or
enter the end command to return to the Privileged Exec Mode.
enter the end command to return to the Privileged Exec Mode.
Aclman(config-if)#end
7 Optional. In the Privileged Exec Mode, use the show ip access-lists command to verify the ACL
configuration. The display is similar to the following:
configuration. The display is similar to the following:
Aclman#show ip access-lists
Standard IP access list 1
Standard IP access list 1
10 permit 10.0.0.0, wildcard bits 0.255.255.255
8 In the Privileged Exec Mode, use the write memory command to save the running ACL configura-
tion. Note that if this is not done, the ACL configuration is lost on the next reboot of the switch.
tion. Note that if this is not done, the ACL configuration is lost on the next reboot of the switch.
Aclman#write memory
9 To close the ACLMAN shell and return to the Alcatel-Lucent CLI, access the Privileged Exec Mode
and use the exit command. Note that when modes other than the Privileged Exec Mode are active, the exit
command returns to the previous mode and does not close the ACLMAN shell. For example:
and use the exit command. Note that when modes other than the Privileged Exec Mode are active, the exit
command returns to the previous mode and does not close the ACLMAN shell. For example:
Aclman(config-if)#exit
Aclman(config)#exit
Aclman#exit