Reference Guide (Supporting software release 4.1.0.0-040GR and later) User guide
Table Of Contents
- Table of Contents
- About This Document
- Introduction
- Common Commands
- User Exec Commands
- Privileged Exec Commands
- Global Configuration Commands
- Crypto-isakmp Instance
- Crypto-group Instance
- Crypto-peer Instance
- Crypto-ipsec Instance
- Crypto-map Instance
- Crypto-trustpoint Instance
- Interface Instance
- Spanning tree-mst Instance
- Extended ACL Instance
- Standard ACL Instance
- Extended MAC ACL Instance
- DHCP Server Instance
- DHCP Class Instance
- RADIUS Server Instance
- Wireless Instance
- RTLS Instance
- SOLE Instance
366 Brocade Mobility RFS7000-GR CLI Reference Guide
53-1001945-01
Extended ACL Config Commands
14
Parameters
permit {ip}
{source/source-mask
A.B.C.D/M| host sourcehost
| any}
{destination/destination-ma
sk | host destinationhost |
any}
[log]
[rule-precedence
access-list-entry precedence]
Use the permit command to allow IP packets.
• permit – The keyword specifies permit action on an ACL.
• {ip} – Specify IP (to match any protocol).
• {source/source-mask A.B.C.D/M| host sourcehost | any} – source is the source
IP address of the network or host in dotted decimal. Source-mask is the
network mask. For example, 10.1.1.10/24 indicates the first 24 bits of the
source IP are used for matching.
• any is an abbreviation for source IP of 0.0.0.0 and source-mask bits equal
to 0.
• host is an abbreviation for exact source (A.B.C.D) and source-mask bits
equal to 32.
• {destination/destination-mask | host destinationhost | any} – The destination
host IP address or destination network address.
• [log] – Generates log messages when the packet coming from the interface
matches the ACL entry. Log messages are generated only for router ACLs.
• [rule-precedence access-list-entry precedence] – Integer value between
1-5000. This value sets the rule precedence in the ACL.