CLI Guide
Command History
Version Description
9.9(0.0) Introduced on the FN IOM.
8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module.
ip access-group
Apply an egress IP ACL to an interface.
Syntax ip access-group access-list-name {in | out} [implicit-permit] [vlan vlan-id]
Parameters
access-list-name Enter the name of a congured access list, up to 140 characters.
in Enter the keyword in to apply the ACL to incoming trac.
out Enter the keyword out to apply the ACL to the outgoing trac.
implicit-permit (OPTIONAL) Enter the keyword implicit-permit to change the default action of the
ACL from implicit-deny to implicit-permit (that is, if the trac does not match the lters
in the ACL, the trac is permitted instead of dropped).
vlan vlan-id (OPTIONAL) Enter the keyword vlan then the ID numbers of the VLANs.
Defaults Not enabled..
Command Modes INTERFACE
Supported Modes Full–Switch
Command History
Version Description
9.9(0.0) Introduced on the FN IOM.
8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module platform.
Usage Information You can assign one ACL (standard or extended ACL) to an interface..
NOTE: This command is
not
supported on the FN IOMSwitch Loopback interfaces.
NOTE: If outbound(egress) IP ACL is applied on switch port, lter will be applied only for routed trac
egressing out of that port.
Related Commands
ip access-list standard — congures a standard ACL.
ip access-list extended — congures an extended ACL.
show ip access-lists
Display all of the IP ACLs congured in the system, whether or not they are applied to an interface, and the count of matches/mismatches
against each ACL entry displayed.
Syntax
show ip access-lists [access-list-name] [interface interface] [in]
Parameters
access-list-name Enter the name of a congured MAC ACL, up to 140 characters.
Access Control Lists (ACL) 153