System information

ManualsBrandsAmer Networks ManualsNetworkingSS2GR2048IP

Publication date: Feb., 2012

Revision A1

- 22 -

CLIReferenceGuide

Chapter 5 ACLCommandsofCLI

ACL

The switch accesscontrollist(ACL)isprobablythe mostcommonly used

objectintheIOS.Itisusedforpacketfilteringbutalsoforselectingtypes

oftra f fictobeanalyzed,forwarded,orinfluencedinsomeway.TheACLs

are divided into EtherT ypes. IPv4, ARP protocol, MAC and VL AN

parameters

 etc. Here we will just go over the standard and extended

access lists for TCP /IP. As you create ACEs for ingress classification, you

canassignapolicyforeachport,thepolicynumberis1‐8,however,each

policy can be applied to any port. This makes it very eas y 

to determine

whattypeofACLpolicyyouwillbeworkingwith.

Table 4: ACL Commands

Command

Function

ace

Add or modify access control entry

action

Configure ACL port default action

Clear

Clear all ACL counters

delete

To delete the ACE (Access Control Entry) configuration on

the switch

logging

Configure ACL port default logging operation

move

Move ACE

policy

Configure ACL port policy

rate-limiter

To set ACL rate limit

show

Show ACL information

shutdown

Configure ACL port default shut down operation

ace: ThecommandletsyouaddormodifyAccessControl

Entry.

Syntax:

ace <index>

Parameter :

<1-256> : If the ACE ID is specified and an entry with this ACE ID

already exists, the ACE will be modified. Otherwise, a new ACE will be

added.

<0-256>: If the next ACE ID is non-zero, the ACE will be placed before

this ACE in the list. If the next ACE ID is zero, the ACE will be placed last

in the list.

policy: Policy ACE keyword, the rule applies to all ports configured

with the specified policy.

port: Port ACE keyword, the rule applies to the specified port only.