Quick Reference Guide
ACL Commands | 381
log
    (OPTIONAL) Specifies that hits on this rule are to be logged (For details, see the System Logs chapter in the SFTOS Configuration Guide). The log attribute is only for deny rules.

assign-queue queue-id
    (OPTIONAL) The assign-queue ID is the queue identifier to which packets matching this rule are assigned.

{mirror | redirect} unit/slot/port
    (OPTIONAL) Specify whether the packets matching this rule are mirrored or redirected through the specified port. A redirected packet carries the same MAC address as it would have if it had not been redirected (the MAC address of the next hop defined in the routing table).
    Note: These options are only for a permit rule. The mirror option is supported in the S50V and S25P models only; it is not available on S50 switches, nor for extended access lists (100–199). Source, destination, and monitor/redirect ports must be in the same VLAN.

Default
    none

Mode
    Global Config

Command History
    Version 2.5.1    Modified to include log and mirror options.

Related Commands
    {deny|permit}                  Creates a new rule for the current MAC access list.
    interface loopback             Configures a loopback interface.
    ip access-group (Interface)    Attaches a specified ACL to the selected interface.
    show ip access-lists           Displays an IP Access Control List (ACL) and all of the rules that are defined for the ACL.
    show interface loopback        Displays loopback interface configuration.

ip access-group (Interface)
This command attaches a specified IP access-control list (ACL) to an interface.

Syntax
    ip access-group ACLnumber [1-4294967295] in

Parameters

ACLnumber
    Enter the ACL ID, which is an integer with a range of 1–199 assigned using the access-list command.

1-4294967295
    (OPTIONAL) Enter an integer that indicates the order of this ACL relative to other ACLs assigned to this port channel. A lower sequence number indicates higher precedence order. If the selected number is already in use for this port channel, this ACL replaces the currently attached ACL using that sequence number. If you do not specify a number with this command, a number that is one greater than the highest sequence number currently in use for this port channel is used for this ACL.

in
    The in parameter is required. SFTOS supports only the ingress direction.

Default
    none
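
The sequence-number rules given for ip access-group can be checked offline before a change is pushed. The following Python model is an added example, not SFTOS code: the class and function names and the sample command list are constructed here, and starting at sequence 1 on an interface with no ACLs attached is an assumption. It replays a list of attachments and reports the resulting precedence order and any ACL that was displaced by a reused sequence number.

```python
"""Model of the sequence-number rules for `ip access-group ... in` (added example)."""

ACL_ID_RANGE = range(1, 200)          # ACL ID: 1-199, per the parameter description
SEQ_MIN, SEQ_MAX = 1, 4294967295      # sequence-number range from the syntax line


class InterfaceAcls:
    """Tracks which ACL is attached at each sequence number on one interface."""

    def __init__(self):
        self.by_seq = {}              # sequence number -> ACL ID

    def attach(self, acl_id, seq=None, direction="in"):
        if direction != "in":
            raise ValueError("only the ingress direction is supported")
        if acl_id not in ACL_ID_RANGE:
            raise ValueError(f"ACL ID {acl_id} outside 1-199")
        if seq is None:
            # Documented default: one greater than the highest number in use.
            # Starting at 1 on an empty interface is an assumption of this model.
            seq = max(self.by_seq, default=0) + 1
        if not SEQ_MIN <= seq <= SEQ_MAX:
            raise ValueError(f"sequence number {seq} outside {SEQ_MIN}-{SEQ_MAX}")
        replaced = self.by_seq.get(seq)   # an in-use number means replacement
        self.by_seq[seq] = acl_id
        return seq, replaced

    def precedence_order(self):
        """ACL IDs from highest to lowest precedence (lowest sequence first)."""
        return [self.by_seq[s] for s in sorted(self.by_seq)]


def replay(commands):
    """Replay (acl_id, seq) pairs; return the final order and any replacements."""
    iface, replaced = InterfaceAcls(), []
    for acl_id, seq in commands:
        used, old = iface.attach(acl_id, seq)
        if old is not None and old != acl_id:
            replaced.append((used, old, acl_id))   # (sequence, old ACL, new ACL)
    return iface.precedence_order(), replaced


# Constructed sample, in the order the commands would be entered.
SAMPLE = [(101, 20), (5, 10), (150, None), (7, 20)]

if __name__ == "__main__":
    order, replaced = replay(SAMPLE)
    print("precedence:", order)
    print("replaced:", replaced)
```

In the sample, ACL 101 is no longer attached after the last command because sequence 20 was reused, which is the case worth flagging when reviewing a change.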