Technical data

ServerIron ADX NAT64 Configuration Guide 55
53-1002288-02
Configuring numbered and named ACLs
4
DRAFT: BROCADE CONFIDENTIAL
access-list 1 deny host 209.157.22.26
access-list 1 deny 209.157.22.0 0.0.0.255
access-list 1 permit any
access-list 101 deny tcp any any eq http
The options at the ACL configuration level and the syntax for the ip access-group command are the
same for numbered and named ACLs and are described in “Configuring standard numbered ACLs”
on page 46.
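The access-list 1 entries shown above can be checked offline before they are applied to an interface. The following Python code is an added example, not part of the Brocade guide: it evaluates a source address against the entries in order, reports the line number that matched (the same numbering the line-numbered show output uses), and flags entries that an earlier entry makes unreachable. The function names and the implicit deny when no entry matches are assumptions of this example.

```python
import ipaddress

# access-list 1 exactly as shown on this page
ACL_1 = [
    "access-list 1 deny host 209.157.22.26",
    "access-list 1 deny 209.157.22.0 0.0.0.255",
    "access-list 1 permit any",
]
MASK32 = 0xFFFFFFFF

def parse_entry(line):
    """Return (action, address, wildcard) as integers for a standard entry."""
    tok = line.split()
    if len(tok) < 4 or tok[0] != "access-list" or tok[2] not in ("permit", "deny"):
        raise ValueError(f"unsupported entry: {line!r}")
    action, spec = tok[2], tok[3:]
    if spec == ["any"]:
        return action, 0, MASK32               # every bit is "don't care"
    if len(spec) == 2 and spec[0] == "host":
        return action, int(ipaddress.IPv4Address(spec[1])), 0
    if len(spec) == 2:                         # <address> <wildcard-mask>
        return action, int(ipaddress.IPv4Address(spec[0])), int(ipaddress.IPv4Address(spec[1]))
    raise ValueError(f"unsupported entry: {line!r}")

def evaluate(lines, source):
    """First match wins; returns (action, 1-based line number)."""
    addr = int(ipaddress.IPv4Address(source))
    for line_no, line in enumerate(lines, start=1):
        action, net, wild = parse_entry(line)
        care = ~wild & MASK32                  # bits the entry actually compares
        if (addr & care) == (net & care):
            return action, line_no
    return "deny", None                        # assumption: implicit deny at the end

def shadowed(lines):
    """Return (line, covering_line) pairs for entries that can never match."""
    entries = [parse_entry(line) for line in lines]
    found = []
    for j, (_, net_j, wild_j) in enumerate(entries):
        for i, (_, net_i, wild_i) in enumerate(entries[:j]):
            care_i = ~wild_i & MASK32
            # entry i covers j when j fixes every bit i compares, to the same value
            if (wild_j & care_i) == 0 and (net_j & care_i) == (net_i & care_i):
                found.append((j + 1, i + 1))
                break
    return found
```

Run shadowed() on a candidate ACL before loading it: a non-empty result means at least one entry is dead, which usually indicates that a broad permit or deny was placed too early.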
Configuration example for extended ACL
To configure a named extended ACL entry, enter commands such as the following.
ServerIronADX(config)# ip access-list extended "block Telnet"
ServerIronADX(config-ext-nacl)# deny tcp host 209.157.22.26 any eq telnet
ServerIronADX(config-ext-nacl)# permit ip any any
ServerIronADX(config-ext-nacl)# exit
ServerIronADX(config)# int eth 1/1
ServerIronADX(config-if-1/1)# ip access-group "block Telnet" in
The options at the ACL configuration level and the syntax for the ip access-group command are the
same for numbered and named ACLs and are described in “Configuring extended numbered ACLs”
on page 48.
Displaying ACL definitions
To display the ACLs configured on a device, use the show ip access-lists command. Here is an
example.
ServerIronADX(config)# show ip access-lists
Extended IP access list 101
deny tcp host 209.157.22.26 host 209.157.22.26 eq http
Syntax: show ip access-lists [<num>]
The show access-list and show ip access-list commands have been updated to display ACL entries
with line numbers.
Numbered ACL
For a numbered ACL, you can enter a command such as the following.
ServerIronADX(config)# show access-list 99 3
Standard IP access-list 99
deny 10.10.10.1
deny 192.168.1.13
permit any
Syntax: show access-list <acl-number> [<line-number>]
Enter the ACL number for the <acl-number> parameter.
Determine from which line you want the displayed information to begin and enter that number for
the <line-number> parameter.
Named ACL
For a named ACL, enter a command such as the following.