HP xw460c Blade Access Control List configuration, Egrport port number, Action permitdenysetprio

Page 147

[ACL Menu]
acl	- Access Control List Item Config Menu
group	-	Access Control List Group Config Menu
cur	-	Display current ACL configuration

Use this menu to create Access Control Lists (ACLs) and ACL Groups. ACLs define matching criteria used for IP filtering and Quality of Service functions.

The following table describes the Access Control Configuration Menu options.

Table 159 Access Control Configuration Menu options

Command	Description

acl <1-762>	Displays Access Control List (ACL) configuration menu.

group <1-762>	Displays ACL Group configuration menu.

cur	Displays the current Access Control parameters.

Access Control List configuration

Command: /cfg/acl/acl <1-762>

[ACL 1 Menu]

ethernet	- Ethernet Header Options Menu
ipv4	- IP Header Options Menu
tcpudp	- TCP/UDP Header Options Menu
meter	- ACL Metering Configuration Menu
re-mark	- ACL Re-mark Configuration Menu
pktfmt	- Set to filter specific packet format types
egrport	- Set to filter for packets egressing this port
action	- Set filter action
stats	- Enable/disable statistics for this acl
reset	- Reset filtering parameters
cur	- Display current filter configuration

These menus allow you to define filtering criteria for each Access Control List (ACL). The following table describes the ACL Configuration Menu options.

Table 160 ACL Configuration Menu options

Command	Description

ethernet	Displays the ACL Ethernet configuration menu.

ipv4	Displays the ACL IP version 4 configuration menu.

tcpudp	Displays the ACL TCP/UDP configuration menu.

meter	Displays the ACL meter configuration menu.

re-mark	Displays the ACL re-mark configuration menu.

pktfmt	Displays the ACL Packet Format configuration menu.

egrport <port number>	Configures the ACL to function on egress packets.
	The egress port ACL will not match a Layer 2 broadcast or multicast
	packet. The egress port ACL will not match packets if the destination port
	is a trunk.

action permitdenysetprio <0-7>	Configures a filter action for packets that match the ACL definitions. You
	can choose to permit (pass) or deny (drop) packets, or set the 802.1p
	priority for the packets.

stats ed	Enables or disables the statistics collection for the Access Control List.

reset	Resets the ACL parameters to their default values and removes the ACL
	from all ports to which it is assigned.

cur	Displays the current ACL parameters.

Configuration Menu 147

Image 147

Contents HP GbE2c Ethernet Blade Switch for c-Class BladeSystem Page Contents Statistics Menu Configuration Menu 111 Index Command line interface Establishing a console connection Connecting to the switchIntroduction Additional referencesEstablishing an SSH connection Setting an IP addressTelnet GbE2c Ethernet Blade Switch IP address Establishing a Telnet connection# ssh user@GbE2c Ethernet Blade Switch IP address Accessing the switchIdle timeout AaBbCc123 Typographical conventionsMenu summary Main MenuGlobal commands DelayTraceroute host name IP address max-hops msec Telnet hostname IP address port Command line history and editingTab completion Command line interface shortcutsCommand stacking Command abbreviation# /cfg/sys/ssnmp/rcommwcomm Configuring Simple Network Management Protocol support# /cfg/sys/access/snmp disableread onlyread/write Main# /cfgSetting passwords Changing the default administrator passwordSystem# apply System# save Changing the default user password Changing the default operator password Menu overview Information MenuSNMPv3 Information Menu System Information MenuV1v2only AdminshaSNMPv3 USM User Table information CommSNMPv3 View Table information SNMPv3 Access Table informationSNMPv3 Group Table information SNMPv3 Community Table informationPrefix SNMPv3 Target Parameters Table information SNMPv3 Target Address Table informationCommand /info/sys/snmpv3/notify NameTag V1v2trapv1v2trap SNMPv3 Notify Table informationSec Level SNMPv3 dump System information System user information Show last 100 syslog messagesCfg/sys/access/user/uid command Layer 2 information8021x Stp FDB information menu Find MAC address VlanPort port number Show all FDB information Link Aggregation Control Protocol informationLacp dump 802.1x information Spanning Tree information Port Auth ModeAuthenticator PAE State Command /info/l2/stpHello Current RootPath-Cost Priority bridgeDesg 8018 Rapid Spanning Tree and Multiple Spanning Tree informationDesignated port Desg 8017 P2P2,EdgeDisabled DSB Common Internal Spanning Tree information Disabled DSB Trunk group informationDiscarding Disc , Learning LRN , Forwarding FWD , or Vlan information Layer 2 general informationLayer 3 information If IP address Route informationFind IP address Gw IP addressShow all IP Route information Vlan Command /info/arp/dump IP address Flags MAC addressARP information Show all ARP entry informationOspf information Nbr nbr router-id A.B.C.DDbase Sumaddr Nsumadd Routes Dump Ospf general information Ospf interface informationOspf Database information menu Nw adv-rtr A.B.C.D linkstateid A.B.C.Dself Advrtr router-id A.B.C.DAsbrsum adv-rtr A.B.C.D Linkstateid A.B.C.Dself Ext adv-rtr A.B.C.D linkstateid A.B.C.DselfOspf route codes information Routing Information Protocol informationRIP Routes information RIP user configuration IP informationIgmp multicast group information Command /info/l3/vrrp Vrrp information Igmp multicast router port informationVrrp information 8021p QoS information802.1p information QoS Menu 8021p Show QOS 802.1p informationRmon Information Menu ACL informationInterval Rmon history informationRmon alarm information Command /info/rmon/eventRmon event information Link status information Command /info/port Port Tag Rmon Pvid Port informationVLANs Uplink Failure Detection information Command /info/geaport Logical Port GEA Port0-based GEA UnitUplink Failure Detection Enabled LtM status Down Member Logical Port to GEA Port mappingInformation dump Command /info/dumpMenu information Ntp clearUfd clear Port Statistics Menu Authenticating 802.1x statisticsAuthSuccessesWhile Bridging statistics BackendNonNakResponsesFromSupplicant Ethernet statistics Dot3StatsMultipleCollisionFrames Dot3StatsFCSErrorsDot3StatsInternalMacTransmitErrors Dot3StatsSingleCollisionFramesInterface statistics Link statistics Internet Protocol IP statisticsPort Rmon statistics FDB statistics Layer 2 statisticsClrigmp 1- 4095 all Lacp statisticsLayer 3 statistics Arp clearL3 bucket for An IP address Dump GEA Layer 3 statistics menuGEA Layer 3 statistics IP statisticsARP statistics Route statisticsIcmp statistics DNS statisticsTCP statistics UDP statistics Ospf stats Menu Command /stats/l3/ospfIgmp Multicast Group statistics Ospf statistics menuOspf global statistics Nbr change Tx ls UpdatesVrrp statistics Timers KickoffPacket statistics Command /stats/l3/ripManagement Processor statistics RIP statistics10ad41e8/10ad5790 AllocsAccess Control List ACL statistics menu CPU statisticsACL statistics Snmp statistics Only NTP statistics Number of times LtM link in Blocking Command /stats/dumpUplink Failure Detection statistics Statistics dumpConfiguration Menu Applying pending changes Saving the configurationViewing, applying, reverting, and saving changes Viewing pending changesReminders System configurationHost IP address System host log configurationLine to end Bannr 1-80 charactersSecure Shell Server configuration Console disableenableLog featureall enabledisable Sshport TCP port number Radius server configurationCommand /cfg/sys/radius IntrvalTACACS+ server configuration Port TCP port number Telnet enabledisableCommand /cfg/sys/ssnmp NTP server configurationSystem Snmp configuration Dlight disableenableSNMPv3 configuration Name 1-64 charactersCharacters V1v2 disableenable User Security Model configurationMask 1-32 characters SNMPv3 View configurationName 1-32 characters Tree 1-32 charactersNoAuthNoPrivauthNo View-based Access Control Model configurationSNMPv3 Group configuration Usmsnmpv1snmpv2 LevelSNMPv3 Community Table configuration Usmsnmpv1snmpv2 UnameDel Deletes the vacmSecurityToGroup entry Cur Address ip Port transport SNMPv3 Target Address Table configurationSNMPv3 Target Parameters Table configuration Addr transportSnmpv1snmpv2csnmp Model SNMPv3 Notify Table configurationManagement Networks configuration System Access configurationUser Access Control configuration User ID configurationUseroperadmin Name Port configuration Https Access configurationAccess enabledisable Name 1-64 characters none Temporarily disabling a port Port link configurationLayer 2 configuration 802.1x configurationPort ACL/QoS configuration 802.1x Global configuration Mode forceUnauthautoforce-auth Reauth onoff 802.1x Port configurationRev Mode rstpmstp4095 Common Internal Spanning Tree configurationBridge parameter menu Port parameter menuCist port configuration Cist bridge configurationLink autop2pshared Spanning Tree configurationEdge disableenable CostBridge Spanning Tree configuration Cur Display current port Spanning Tree parameters Spanning Tree port configurationForwarding Database configuration Static FDB configurationFastfwd disableenable Add port number Trunk configurationMAC address Vlan port Clear mac MAC AddressVLAN 1-4095 Port port numberAllIP Trunk Hash configuration Layer 2 IP Trunk Hash configurationLink Aggregation Control Protocol configuration Mode offactivepassive Lacp Port configurationVlan configuration Timeout shortlongLayer 3 configuration Port numberList of port numbers IP interface configuration Addr IP addressMask IP subnet mask Default Gateway configuration IP Static Route configurationDirbr disableenable Address Resolution Protocol configurationIP Forwarding configuration Network Filter configurationRoute Map configuration Ap AS number AS number ASLp 0-4294967294 none Action permitdeny IP Access List configurationAutonomous System Path configuration Metric 1-4294967294noneRouting Information Protocol configuration RIP Interface configuration Remove 1-32 1-32all Open Shortest Path First configurationRIP Route Redistribution configuration Add 1-32 1-32allRedist fixedstaticrip Osfp Area Index configurationDefault 1-16777215 12none Md5key 1-255 charactersType transitstubnssa Ospf Summary Range configurationAuth nonepasswordmd5 Areaid IP addressMdkey 1-255none Ospf Interface configurationMask IP address mask Key key stringnoneOspf Virtual Link configuration Key passwordNbr IP address Export 1-16777215 12none Ospf Host Entry configurationOspf Route Redistribution configuration Rem 1-32 1-32 ... allOspf MD5 Key configuration Igmp configurationSrcip IP address Igmp snooping configurationAggr disableenable Fastlv 1-4095 disableenableFilter Igmp static multicast router configurationIgmp filtering configuration Add port number 1-4095Multicast address Igmp filtering port configurationIgmp filter definition Range IP multicast address IPDomain Name System configuration Bootstrap Protocol Relay configurationVrrp Virtual Router configuration Virtual Router Redundancy Protocol configurationPreem disableenable Ifs disableenable Vrrp Virtual Router Priority Tracking configurationVrrp Virtual Router Group configuration Vrs disableenableVrrp Virtual Router Group Priority Tracking configuration Vrrp Interface configuration Vrrp Tracking configurationPassw password Quality of Service configuration Access Control configurationQoS 802.1p configuration Stats ed Access Control List configurationEgrport port number Action permitdenysetprioACL IP Version 4 Filter configuration ACL Ethernet Filter configurationACL TCP/UDP Filter configuration Sport 1-65535 port maskFlags value 0x0-0x3f Cir ACL Meter configurationACL Re-mark configuration Enable edACL Re-mark In-Profile configuration ACL Re-mark In-Profile Update User Priority configurationACL Re-mark Out-of-Profile configuration Remote Monitoring configuration ACL Packet Format configurationACL Group configuration Rmon history configuration Ifoid 1-127 charactersOwner 1-127 characters Type nonelogtrapboth Rmon event configurationRmon alarm configuration Descn 1-127 charactersFlimit -2147483647 to Port mirroringRlimit -2147483647 to 2147483647Rem mirrored port Uplink Failure Detection configurationPort-based port mirroring Add mirrored port inoutbothRemport port number Failure Detection Pair configurationLink to Monitor configuration Addport port numberAddport port number Remport port number Saving the active switch configurationLink to Disable configuration DumpRestoring the active switch configuration Command /cfg/gtcfg FTP/TFTP server filenameConfiguration# gtcfg FTP/TFTP server filename Operations-level port options Operations MenuReset Reauth Operations-level port 802.1x optionsOperations-level Vrrp options Downloading new software to the switch Updating the switch software imageAddress Selecting a software image to runBoot Options# conf Uploading a software image from the switchSelecting a configuration block Boot Options# ptimgBoot Options# cur Resetting the switchAccessing the Iscli Boot Options# resetMaintenance Menu 0xXXXXXXXX System maintenance optionsForwarding Database options Flags new Nvram flags word asARP cache options Debugging optionsIP Route Manipulation options Igmp Multicast Group optionsBroadcastmartian Igmp Mrouter options Igmp Snooping optionsUuencode flash dump FTP/TFTP system dump putClearing dump information Unscheduled system dumps Panic commandCommand /maint/panic Confirm dump and reboot y/n yIndex

Related manuals

Manual 33 pages 57.51 Kb