DELL 8132 ユーザーズマニュアル
284
ACL Commands
Commands in this Chapter
This chapter explains the following commands:
access-list
Use the access-list command in Global Configuration mode to create an
Access Control List (ACL) that is identified by the parameter
list-name.
The command specifies the queue identifier to which packets matching this
rule are assigned. The command may also specify the mirror or redirect
interface (unit/slot/port) to which packets matching this rule are copied or
forwarded, respectively.
The time-range parameter allows imposing time limitation on the ACL rule
The time-range parameter allows imposing time limitation on the ACL rule
as defined by the parameter
time-range-name. If a time range with the
specified name does not exist, and the ACL containing this ACL rule is
applied to an interface or bound to a VLAN, then the ACL rule is applied
immediately. If a time range with specified name exists and the ACL
containing this ACL rule is applied to an interface or bound to a VLAN, then
the ACL rule is applied when the time-range with specified name becomes
active. The ACL rule is removed when the time-range with specified name
becomes inactive.
access-list
access-list
list-name {deny | permit} {every | {{icmp | igmp | ip | tcp |
udp |
number} any| srcip srcmask[{eq {portkey | 0-65535}] dstip dstmask
[{eq {
portkey | 0-65535}] [precedence precedence | tos tos tosmask | dscp
dscp]}[log] [time-range time-range-name] [assign-queue queue-id] [{mirror
| redirect}
interface-id]
no access-list
list-name
–
2CSPC4.X8100-SWUM102.book Page 284 Friday, March 15, 2013 8:56 AM