Example

Dell(conf)#ip access-list extended TESTListEXTEND

 

Dell(config-ext-nacl)#

Related

ip access-list standard — configures a standard IP access list.

Commands

 

 

show config — displays the current configuration.

permit

To pass IP packets meeting the filter criteria, configure a filter.

Syntaxpermit {source mask any host ip-address} {destination mask

any host ip-address} [count [bytes]] [dscp value] [order] [fragments]

To remove this filter, you have two choices:

•Use the no seq sequence-numbercommand if you know the filter’s sequence number.

•Use the no deny {source mask any host ip-address} {destination mask any host ip-address} command.

Parameters

Enter the IP address in dotted decimal format of the network

source

 

from which the packet was sent.

mask

(OPTIONAL) Enter a network mask in /prefix format (/x) or

 

A.B.C.D. The mask, when specified in A.B.C.D format, may be

 

either contiguous or non-contiguous.

any

Enter the keyword any to specify that all routes are subject

 

to the filter.

host ip-address

Enter the keyword host then the IP address to specify a host

 

IP address or hostname.

destination

Enter the IP address of the network or host to which the

 

packets are sent.

count

(OPTIONAL) Enter the keyword count to count packets

 

processed by the filter.

bytes

(OPTIONAL) Enter the keyword bytes to count bytes

 

processed by the filter.

dscp

(OPTIONAL) Enter the keyword dcsp to match to the IP

 

DCSCP values.

order

(OPTIONAL) Enter the keyword order to specify the QoS

 

priority for the ACL entry. The range is from 0 to 254 (where

 

0 is the highest priority and 254 is the lowest; lower-order

 

numbers have a higher priority). If you do not use the

 

keyword order, the ACLs have the lowest order by default

 

(255).

Access Control Lists (ACL)

209

Page 209
Image 209
Dell 9.7(0.0) manual Dellconf#ip access-list extended TESTListEXTEND, Dellconfig-ext-nacl#