Chapter 6: Command Line Interface

acl (addedit) <1-220> (permitdeny) <0-4094> ipv4 <0-255> Description:

Add or edit ACL group for Ipv4.

Syntax:

acl (addedit) <1-220> (permitdeny) <0-4094> ipv4 <0-255> A.B.C.D A.B.C.D A.B.C.D A.B.C.D (checkunCheck) <0-65535> <0-26>

Parameters:

(addedit) specifies the operation. <1-220>specifies the group id.

(permitdeny) specifies the action. permit: permit packet cross switch; deny: drop packet.

<0-4094>specifies the VLAN id. 0 means don't care. <0-255>specifies the IP protocol. 0 means don't care.

A.B.C.D specifies the Source IP address. 0.0.0.0 means don't care.

A.B.C.D specifies the Mask. 0.0.0.0 means don't care, 255.255.255.255 means compare all.

A.B.C.D specifies the Destination IP Address. 0.0.0.0 means don't care.

A.B.C.D specifies the Mask. 0.0.0.0 means don't care, 255.255.255.255 means compare all.

(checkunCheck) specifies the IP Fragment. check: Check IP fragment field; unCheck: Not check IP fragment field.

<0-65535>specifies the Destination port number if TCP or UDP. 0 means don't care. <0-26>specifies the Port id. 0 means don't care.

e.g.

Switch(config)# acl add 1 deny 1 ipv4 0 192.168.1.1 255.255.255.255 0.0.0.0 0.0.0.0 unCheck 0 0

This ACL rule will drop all packet from IP is 192.168.1.1 with VLAN id=1 and IPv4.

196

GE-DS-82 and 82-PoE Ethernet Managed Switch User Manual

Page 200
Image 200
GE GE-DS-82, 82-POE user manual Acl addedit 1-220 permitdeny 0-4094 ipv4 0-255 Description, Add or edit ACL group for Ipv4