Show ip access-lists | NETGEAR 7300 Series guide

User Manual for the NETGEAR 7300 Series Layer 3 Managed Switch Software

Chapter 11

CLI Commands: ACL

Show Commands

show ip access-lists

This command displays an Access Control List (ACL) and all of the rules that are defined for the ACL. The <accesslistnumber> is the number used to identify the ACL.

Format	show ip access-lists <accesslistnumber>
Mode	Privileged EXEC and User EXEC
Rule Number	This displays the number identifier for each rule that is defined
	for the ACL.
Action	This displays the action associated with each rule. The possible
	values are Permit or Deny.
Protocol	This displays the protocol to filter for this rule.
Source IP Address	This displays the source IP address for this rule.
Source IP Mask	This field displays the source IP Mask for this rule.
Source Ports	This field displays the source port range for this rule.
Destination IP Address This displays the destination IP address for this rule.
Destination IP Mask	This field displays the destination IP Mask for this rule.
Destination Ports	This field displays the destination port range for this rule.

Service Type Field Match This field indicates whether an IP DSCP, IP Precedence, or IP TOS match condition is specified for this rule.

Service Type Field Value This field indicates the value specified for the Service Type Field Match (IP DSCP, IP Precedence, or IP TOS).

CLI Commands: ACL

11-1

202-10009-01_060204

Image 269

NETGEAR 7300 Series user manual Show ip access-lists

Contents

202-10009-01060204 Technical Support Canadian Department of Communications Compliance Statement 202-10009-01060204 Contents Chapter Command Line Interface Structure Dot1P Commands 202-10009-01060204 Snmptrap mode No snmptrap mode Telnet No telnet 202-10009-01060204 202-10009-01060204 202-10009-01060204 LAN Security Commands 100 Chapter Routing Commands Contents Xvii 202-10009-01060204 202-10009-01060204 202-10009-01060204 202-10009-01060204 Chapter CLI Commands Differentiated Services Chapter CLI Commands ACL Chapter FSM7326P Power Over Ethernet Commands Appendix C Glossary Xxvi Contents Audience Why the Document was CreatedHow to Use This Document Special Message Formats Typographical Conventions Figure Preface -2 Html version of this manual Features of the Html Version of this Manual How to Print this Manual Scope Switch Management Overview Comparing Switch Management Methods Set Up Your Switch Using Direct Console Access Administration Console Telnet Interface Connection Description Connection Settings Administration Console Telnet Interface Web Based Management Overview Chapter Web-Based Management Interface 7300 IP address in browser address bar How to Log In to the Managed Switch User name/password dialog box System Information Web-Based Management Utility Features Menus Interactive Switch Image Menu navigation Main Menus Management SwitchSecondary Menus Routing System-Wide Popup MenusTraffic Management Smart Wizard Port-Specific Popup Menus Web-Based Management Interface Command CLI Command Format Values Parameters Macaddr Conventions Annotations Chapter Quick Start up Quick Starting the Switch Quick Start up Physical Port Data System Info and System SetupQuick Start up Software Version Information Quick Start up IP Address Quick Start up User Account Management Web Browser Xmodem Quick Start up Uploading from Switch to Out-of-Band PC Only Systemimage Quick Start up Downloading from Tftp Server Quick Start up Factory Defaults Quick Start up Factory Defaults Quick Start up Chapter Mode-based CLI Enter the router ospf Mode-based Topology Passwd Command prompt shown at this level is Mode-based Command Hierarchy Figuration mode to configure the QoS policy map Invalid input detected at ‘’ marker Flow of Operation Support for No Form No Form of a CommandBehavior of Command Help ? Show arp switch System Information and Statistics CommandsFormat Mode Show hardware Show eventlog Software Version Show interface Packets Received Show interface ethernet Packets Received Successfully Received Packets not forwarded Packets Received with MAC Errors Packets Transmitted Octets Packets Transmitted Successfully Protocol Statistics Transmit ErrorsTransmit Discards Dot1x Statistics Switching Commands Log Show logging System Up Time Show mac-addr-tableTrap If Index Show sysinfo Show running-configShow msglog Network mgmtvlan Management Vlan CommandsSnmp-server Classofservice dot1pmapping Dot1P CommandsShow classofservice dot1pmapping Vlan port priority all Vlan priority LAG/Port-Channel 802.3ad CommandsPort-channel staticcapability Show port-channel briefPage Network javamode MtuNo mtu No network javamode Network mac-type Network mac-addressNetwork parms No network mac-type No remotecon maxsessions Network protocolRemotecon maxsessions No remotecon timeout Remotecon timeoutSerial baudrate No serial baudrate No serial timeout Serial timeoutSet prompt Show forwardingdb agetime Show network Default GatewayAgetime Subnet Mask Format Mode Java ModeShow remotecon Show serial Show snmpcommunity Show serviceport Show snmptrap Access ModeClient IP Address Client IP Mask Show trapflags No snmp-server community Snmp-server communitySnmp-server community ipaddr Snmp-server community ipmask Snmp-server community modeNo snmp-server community ipaddr No snmp-server community ipmask No snmp-server community mode Snmp-server enable trapsNo snmp-server enable traps Snmp-server community ro Snmp-server enable traps linkmode Snmp-server enable traps bcaststormNo snmp-server enable traps bcaststorm No snmp-server enable traps linkmode Snmp-server enable traps stpmode Snmp-server enable traps multiusersNo snmp-server enable traps stpmode Snmptrap No snmptrap mode Snmptrap modeSnmptrap ipaddr No snmptrap Telnet Http CommandsIp http secure-port No telnet Ip http secure-server Ip http secure-protocolIp http server No ip http secure-protocol Ip ssh Secure Shell SSH CommandsShow ip http Ip ssh protocol Device Configuration CommandsShow ip ssh Addport Auto-negotiate all Auto-negotiateDelete interface No auto-negotiate No monitor session DeleteportMonitor session No monitor session mode Monitor session modePort lacpmode Port lacpmode all No port-channel adminmode Port-channel adminmodePort-channel Port-channel linktrap Protocol group Port-channel nameNo port-channel linktrap No protocol group Protocol vlan group all Protocol vlan groupNo protocol vlan group No protocol vlan group all Set garp timer join all Set garp timer joinNo set garp timer join No set garp timer join all Set garp timer leave all Set garp timer leaveNo set garp timer leave No set garp timer leave all No set garp timer leaveall Set garp timer leaveallSet garp timer leaveall all No set garp timer leaveall all Set gmrp adminmodeNo set gmrp adminmode Set gmrp interfacemode Set gmrp interfacemode all Set gvrp adminmodeNo set gmrp interfacemode No set gmrp interfacemode all Set gvrp interfacemode all Set gvrp interfacemodeNo set gvrp interfacemode No set gvrp interfacemode all No set igmp Set igmp Set igmp interfacemode all Set igmp groupmembershipintervalNo set igmp groupmembershipinterval No set igmp interfacemode all Set igmp mcrtrexpiretime Set igmp maxresponseShow garp No set igmp maxresponse Show gmrp configuration Port Gvrp Mode Show gvrp configurationPort Gmrp Mode Query Interval Time Admin ModeShow igmpsnooping Type Show mac-address-table gmrpDescription Interfaces Show mac-address-table multicast Show mac-address-table igmpsnooping Show mac-address-table staticfiltering Show mac-address-table staticComponent Source Ports Show monitor Show mac-address-table stats Show port protocol Show port Show port-channel Show vlan Show storm-control Tagging ConfiguredShow vlan brief Shutdown Show vlan port Snmp trap link-status Shutdown allNo shutdown No shutdown all Spanning-tree Snmp trap link-status all Speed all Spanning-tree bpdumigrationcheckSpeed No storm-controlbroadcast Storm-control broadcast No storm-control flowcontrol Storm-control flowcontrolVlan Vlan ingressfilter Vlan acceptframeNo vlan No vlan acceptframe Vlan name Vlan makestaticVlan participation No vlan ingressfilter Include Vlan participation allExclude Auto Vlan port ingressfilter all Vlan port acceptframe allNo vlan port acceptframe all No vlan port ingressfilter all Vlan port tagging all Vlan port pvid allVlan protocol group No vlan port pvid all Vlan protocol group remove Vlan protocol group add protocolVlan pvid No vlan protocol group add protocol Vlan tagging Spanning Tree CommandsShow spanning-tree No vlan pvid Bridge Forward Delay Root Port Bridge Forward Delay Derived valueBridge Priority Bridge Identifier Time Since Topology Change in seconds Show spanning-tree mst detailed Format Mode Port modeShow spanning-tree interface Show spanning-tree mst port detailed Show spanning-tree mst port summary Show spanning-tree summary Show spanning-tree mst summary Show spanning-tree vlan Spanning-tree configuration nameVlan Identifier Associated Instance No spanning-tree No spanning-tree configuration name Spanning-tree configuration revisionNo spanning-tree configuration revision Spanning-tree edgeport Spanning-tree forward-time Spanning-tree forceversionNo spanning-tree edgeport No spanning-tree forceversion Spanning-tree max-age Spanning-tree hello-timeNo spanning-tree forward-time No spanning-tree hello-time No spanning-tree mst Spanning-tree mstNo spanning-tree max-age No spanning-tree mst instance Spanning-tree mst instanceSpanning-tree mst priority No spanning-tree mst vlan Spanning-tree mst vlanNo spanning-tree mst priority Spanning-tree port mode User Account Management CommandsSpanning-tree port mode all No spanning-tree port mode Show users Show loginsessionDisconnect No users name SNMPv3 AccessModeUsers name No users snmpv3 accessmode Users snmpv3 accessmodeUsers passwd No users passwd No users snmpv3 authentication Users snmpv3 authenticationUsers snmpv3 encryption No users snmpv3 encryption No authentication login Security CommandsAuthentication login Clear dot1x statistics Dot1x defaultloginClear radius statistics Dot1x initialize Dot1x max-req Dot1x loginDot1x port-control No dot1x max-req No dot1x port-control All Dot1x port-control AllNo dot1x port-control Dot1x re-authentication Dot1x re-authenticateNo dot1x re-authentication Dot1x system-auth-control Dot1x timeout No dot1x timeout Radius accounting modeNo radius accounting mode Dot1x user No radius server host Radius server host Radius server key Default10Radius server msgauth Radius server primary No radius server timeout Radius server timeoutShow accounting No radius server retransmit Bad Authenticators Secret ConfiguredTimeouts Port Show authentication users Show authenticationShow dot1x Method Protocol Version Control ModePAE Capabilities Quiet Period Server Timeout Supplicant TimeoutTransmit Period Maximum Requests Show radius Show dot1x users Accounting Mode Timeout DurationShow radius statistics Server IP Address Access Accepts Show users authenticationAccess Rejects Access Challenges Users login Users defaultloginClear config System Utilities Clear igmpsnooping Clear countersClear pass Clear port-channel Copy Clear vlan Reload LogoutPing 116 Switching Commands No 1583compatibility Routing Commands1583compatibility Area default-cost Area authenticationNo area authentication Area nssa Area nssa no-redistribute Ospf Area nssa default-info-originateArea nssa no-summary Ospf Area nssa translator-role Ospf Area range Area nssa translator-stab-intvArea stub No area range Area virtual-link Area stub summarylsaNo area stub No area stub summarylsa Area virtual-link dead-interval Area virtual-link authenticationNo area virtual-link authentication Area virtual-link retransmit-interval Area virtual-link hello-intervalNo area virtual-link dead-interval No area virtual-link hello-interval No area virtual-link transmit-delay Area virtual-link transmit-delayArp No area virtual-link retransmit-interval Arp dynamicrenew Arp cachesizeNo arp No arp cachesize Arp resptime Arp purgeArp retries No arp dynamicrenew No arp timeout Arp timeoutAuto-summary No arp retries Routing Commands Bootpdhcprelay minwaittime Bootpdhcprelay maxhopcountNo bootpdhcprelay maxhopcount No bootpdhcprelay minwaittime Clear arp-cache Bootpdhcprelay serveripDefault-information originate Ospf Default-metric RIP Default-information originate RIPDefault-metric Ospf Enable RIP Enable OspfNo enable Ospf No enable RIP Distribute-list out Distance ripNo distance ospf No distance rip No distribute-list out No default-information originateEncapsulation External-lsdb-limit Exit-overflow-intervalRestrictions No exit-overflow-interval Ip address HostroutesacceptNo hostroutesaccept No ip address Ip forwarding Ip ecmpmodeIp irdp No ip ecmpmode Ip irdp holdtime Ip irdp addressNo ip irdp No ip irdp address Ip irdp preference Ip irdp maxadvertintervalIp irdp minadvertinterval Ip ospf Ip netdirbcastNo ip irdp preference No ip netdirbcast Ip ospf areaid Ip ospf authenticationNo ip ospf authentication Ip ospf dead-interval Ip ospf costNo ip ospf cost No ip ospf dead-interval Ip ospf priority Ip ospf hello-intervalNo ip ospf hello-interval No ip ospf priority No ip ospf transmit-delay Ip ospf transmit-delayIp ospf retransmit-interval No ip ospf retransmit-interval No ip rip authentication Ip rip authenticationIp rip No ip rip Ip rip send version Ip rip receive versionNo ip rip receive version No ip rip send version No ip route default Ip route defaultIp route Ip route distance Redistribute Ip routingNo ip route distance No ip routing Format for other source protocol No redistribute Router-id Redistribute RIPRouting No redistribute RIP No routing Show arpAge Time seconds Retries Show arp brief Show ip interface Show bootpdhcprelayShow ip brief Active State Show ip interface briefLink Speed Data Rate Encapsulation Type Show ip ospf Show ip irdp Asbr Mode Ospf Admin ModeDefault-metric Default-info originate Show ip ospf area Show ip ospf interface Show ip ospf database Show ip ospf interface brief Virtual Events Show ip ospf interface stats Neighbor Events Show ip ospf neighbor Show ip ospf range Show ip ospf neighbor briefEvents Permanence Show ip ospf virtual-link Show ip ospf stub table Transit Delay Iftransit Delay IntervalShow ip ospf virtual-link brief Show ip rip Show ip rip interface brief Show ip route bestroutes Show ip route Show ip route preferences Show ip route entry Show ip vlan Show ip statsShow router rip interface Logical Interface Show ip vrrp Show ip vrrp interface brief Show ip vrrp interface Show ip vrrp interface stats IP TTL errors Trapflags Split-horizonVlan routing No trapflags No ip vrrp authentication Ip vrrp authenticationIp vrrp No ip vrrp No ip vrrp mode Ip vrrp mode Ip vrrp preempt Ip vrrp ipIp vrrp priority No ip vrrp preempt No ip vrrp priority Ip vrrp timers advertiseNo ip vrrp timers advertise CLI Commands Differentiated Services General Commands Service Levels Class CommandsDiffserv No diffserv No class-map Class-map Match class-map Class-map renameMatch any No match class-map Match destination-address mac Match dstl4port DefaultNoneMatch dstip Match ip precedence Match ip dscp Match protocol Match ip tos Match srcl4port Match source-address macMatch srcip Match vlan Policy Commands Bandwidth kbps Class Bandwidth percentPolicy Type Incompatibilities Mark ip-precedence Mark ip-dscpNo class Policy Type Incompatibilities Police-simple Service Commands No service-policy Service-policy Show class-map Show CommandsClass Name Class Type Values Match CriteriaExcluded ACL Number Show policy-map Show diffserv Mark CoS Policy NameMark IP Dscp Mark IP Precedence Shaping Average Exceed ActionBandwidth Class Members Show diffserv serviceDirection Operational Status DiffServ Mode Show diffserv service briefShow policy-map interface OperStatus 10-24 CLI Commands Differentiated Services Dir Show service-policyOffered Packets Discarded Packets 10-26 CLI Commands Differentiated Services Show ip access-lists No access-list Configuration CommandsAccess-list Ip access-group all Ip access-group 11-4 CLI Commands ACL Client-identifier Dhcp Server Configuration CommandsClient-name No client-identifier No default-router Default-routerDns-server No dns-server Host Hardware-addressNo hardware-address No host Ip dhcp ping packets Ip dhcp excluded-addressNo ip dhcp excluded-address No ip dhcp ping packets Lease Ip dhcp poolNo ip dhcp pool No lease Service dhcp Dhcp Server Show CommandsNo service dhcp Network Show ip dhcp binding Show ip dhcp global configurationShow ip dhcp pool configuration Show ip dhcp server statistics Clear ip dhcp server statistics Dhcp Server Clear CommandsClear ip dhcp binding 12-10 Dhcp Server Commands FSM7326P Power Over Ethernet Commands Poe Power Over Ethernet POE Commands Poe limit Poe priorityPoe usagethreshold Show poe port info Limit ClassOutput Show poe 13-6 FSM7326P Power Over Ethernet Commands Appendix a Is CLI Mapping Config acl rule action aclid Rulenum permit/deny Exec Is CLI Mapping Config diffserv policy police style Policy-Cla Police-simple Is CLI Mapping Show diffserv class summary Privileged Exec User Class-Ma Match not cos Config Is CLI Mapping Class-Ma Match not source-address mac Config Address macmask Is CLI Mapping Is CLI Mapping Is CLI Mapping Is CLI Mapping Vlan Is CLI Mapping RIP Neighborid authentication none Neighborid Is CLI Mapping Is CLI Mapping Config Router No 1583compatibility Config Router No split-horizon Series L3 Switch Command CLI Command Mode Syntax Global No snmp-server community ipmask Config Name Global No snmp-server enable traps Config Multiusers Is CLI Mapping Global No spanning-tree forceversion Config Config spanningtree bridge priority Removed 61440 Show inventory Privileged Show hardware Show traplog Privileged Show logging Transfer download mode xmodem Tftp Logout Privileged Show vlan summary Privileged Show vlan brief Exec User Macaddr all Config lag create name Global Port-channel name Config vlan create Global Vlan participation all exclude Config Include auto Config protocol vlan add groupid Global No set gmrp interfacemode all Config Is CLI Mapping Security Show users authentication Privileged Is CLI Mapping Security Show radius summary Privileged Show radius servers Is CLI Mapping All detail slot/port statistics Fast Ethernet Cable Guidelines Appendix B Cabling Guidelines Category 5 Cable Category 5 Cable Specifications Twisted Pair Cables Specifications Category 5 Cable Requirements 2illustrates crossover twisted pair cable Patch Panels and Cables Cabling Using 1000BASE-T Gigabit Ethernet over Category 5 CableLength Return Loss Patch Cables RJ-45 Plug and RJ-45 ConnectorsNear End Cross Talk Next PIN Normal Assignment on Uplink Assignment on Ports 1 to Conclusion Numeric Appendix C Glossary See Area Border Router on See Autonomous System Boundary Router on Packet sent to all devices on a network See Command Line Interface on See Differentiated Services on Computer, printer, or server that is connected to a network See Generic Attribute Registration Protocol on See Garp Multicast Registration Protocol on Internet Control Message Protocol See Local Area Network on Megabits per second See Multi-Protocol Label Switching on See Multiplexing on See Open Systems Interconnection on Set of rules for communication between devices on a network See Routing Information Protocol on See Resource Reservation Setup Protocol on See Simple Network Management Protocol on See TLS on See Virtual Local Area Network on Wins