SmartWare Software Configuration Guide

24 • Access control list configuration

 

 

Binding and unbinding an access control list profile to an IP interface

The command use is used to bind an access control list profile to an IP interface. This procedure describes how to bind an access control list profile to incoming packets on an IP interface

Mode: Profile access control list

 

Step

 

Command

Purpose

 

 

 

 

 

 

 

1

node(if-ip)[if-name]#use profile acl name in

Binds access control list profile name to incom-

 

 

 

 

 

ing packets on IP interface if-name

 

 

 

 

 

 

 

Where the syntax is:

 

 

 

 

 

 

 

Keyword

Meaning

 

 

 

 

 

 

if-name

The name of the IP interface to which an access control list profile gets bound

 

 

 

 

 

 

name

The name of an access control list profile that has already been created using the profile acl

 

 

 

 

command. This argument must be omitted in the no form

 

 

 

 

 

 

in

Specifies that the access control list profile applies to incoming packets on this interface.

 

 

 

 

 

 

out

Specifies that the access control list applies to outgoing packets on this interface.

 

 

 

 

 

 

 

The no form of the use command is used to unbind an access control list profile from an interface. When using this form the name of an access control list profile, represented by the name argument above, is not required. This procedure describes how to unbind an access control list profile to incoming packets on an IP interface

Mode: Interface

Step

Command

Purpose

1node(if-ip)[if-name]#no use profile acl in Unbinds access control list profile for incoming pack- ets on IP interface if-name

Where the syntax is:

Keyword

Meaning

 

 

if-name

The name of the IP interface to which an access control list profile gets bound

 

 

in

Specifies that the access control list profile applies to incoming packets on this interface.

 

 

out

Specifies that the access control list applies to outgoing packets on this interface.

 

 

Thus for each IP interface only one incoming and outgoing access control list can be active at the same time. Example: Bind and unbind an access control list entries to an IP interface

Bind an access control list profile to incoming packets on the interface wan in the IP router context.

node(cfg)#context ip router node(cfg-ip)[router]#interface wan node(cfg-if)[wan]#use profile acl WanRx in

Access control list configuration task list

263

Page 263
Image 263
Patton electronic SmartNode 4110 Series manual Where the syntax is