Quick Reference Guide
Access Control | 201
• Attach a specified ACL to the selected interface:
— ip access-group ACLnumber [1-4294967295] in
The optional 1-4294967295 variable is an integer that indicates the order of application of
this ACL relative to other ACLs assigned to this interface.
Figure 13-160. Using the ip access-group Command
Force10 (Config)#interface 1/0/21
Force10 (Interface 1/0/21)#ip access-group 100 1 in

When the ip access-group command is used in Interface Config mode, it attaches a specified ACL to the
selected interface. In Global Config mode, the command attaches a specified ACL to all interfaces.
• Display a summary of all created IP Access Control Lists (ACLs), or details about the rules that are
defined for a specific ACL:
— show ip access-lists [ACLnumber]

Figure 13-161. Sample show ip access-lists Command Output
Force10 #show ip access-lists
Current number of ACLs: 2 Maximum number of ACLs: 100
ACL ID  Rules  Interface(s)               Direction
------  -----  -------------------------  ---------
1       1
100     1      1/0/21                     inbound
Force10 #show ip access-lists 100
ACL ID: 100
Interface: 1/0/21
Rule Number: 1
Action......................................... permit
Match All...................................... FALSE
Protocol....................................... 255(ip)
Source L4 Port Keyword......................... 80(www/http)
Assign Queue................................... 2
Redirect Interface............................. 1/0/40
Force10 #

Protecting the Management Interface with a Loopback ACL
Added in SFTOS 2.5.1, the loopback interface is a virtual interface in which the software emulates an
interface. Basically, the loopback interface is a handle controlling access to the CPU interface. When
configuring an ACL on the loopback interface, the ACL is applied to all physical interfaces in the system.
1. The interface loopback 0 command creates the interface and invokes its own version of the Interface
Config mode — Interface Loopback Config mode — the prompt is (Interface loopback 0)#.
Commands that are available from Interface Config mode are also available in Interface Loopback
Config mode.
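
An ACL that is defined but attached to no interface filters nothing, and the show ip access-lists summary on this page shows exactly that case (ACL 1). The following is an added example, not part of the SFTOS guide: a Python sketch that parses captured show ip access-lists output and reports such ACLs. The function names are hypothetical, and it assumes the one-interface-per-row layout of the sample output.

```python
import re

# Sample input: the two command outputs shown in Figure 13-161 of this page.
SUMMARY = """\
Current number of ACLs: 2 Maximum number of ACLs: 100
ACL ID Rules Interface(s) Direction
------ ----- ------------------------- ---------
1 1
100 1 1/0/21 inbound
"""
DETAIL = """\
ACL ID: 100
Interface: 1/0/21
Rule Number: 1
Action......................................... permit
Match All...................................... FALSE
Protocol....................................... 255(ip)
Source L4 Port Keyword......................... 80(www/http)
Assign Queue................................... 2
Redirect Interface............................. 1/0/40
"""

ROW = re.compile(r"^(\d+)\s+(\d+)(?:\s+(\S+)\s+(\S+))?$")   # summary table row
FIELD = re.compile(r"^(.+?)(?:\.{2,}|:)\s*(.+)$")           # "Key.... value" or "Key: value"

def parse_summary(text):
    """Map ACL ID -> (rule count, interface or None, direction or None)."""
    acls = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            acls[int(m[1])] = (int(m[2]), m[3], m[4])
    return acls

def audit_summary(text):
    """Return findings: ACLs attached to no interface, and a truncated capture."""
    acls = parse_summary(text)
    findings = [f"ACL {n} is defined but attached to no interface"
                for n, (_, iface, _) in sorted(acls.items()) if iface is None]
    declared = re.search(r"Current number of ACLs:\s*(\d+)", text)
    if declared and int(declared[1]) != len(acls):
        findings.append("row count differs from 'Current number of ACLs'")
    return findings

def parse_detail(text):
    """Parse the per-ACL detail view into a field dictionary."""
    return {m[1].strip(): m[2].strip()
            for m in map(FIELD.match, text.splitlines()) if m}
```

The detail dictionary makes it easy to review fields such as Redirect Interface and Action across many saved captures.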