Administrator Guide
Version Description
8.3.11.1 Introduced on the Z9000.
8.3.10.0 Introduced on the S4810.
8.1.1.0 Introduced on the E-Series.
7.8.1.0 Increased the name string to accept up to 140 characters. Prior to 7.8.1.0, names were up
to 16 characters long.
7.6.1.0 Introduced on the S-Series.
7.5.1.0 Introduced on the C-Series.
6.2.1.1 Introduced on the E-Series.
Usage Information The number of entries allowed per ACL is hardware-dependent. For detailed specication about entries allowed per
ACL, refer to your line card documentation.
Prior to 7.8.1.0, names are up to 16 characters long.
Example
Dell(conf)# ip access-list extended TESTListEXTEND
Dell(config-ext-nacl)#
Related Commands
• ip access-list standard — congure a standard IP access list.
• show cong — display the current conguration.
permit
To pass IP packets meeting the lter criteria, congure a lter.
Syntax
permit {source mask | any | host ip-address} {destination mask | any | host ip-
address} [ttl operator] [count [bytes]] [dscp value] [order] [fragments]
[monitor] [no-drop]
To remove this lter, you have two choices:
• Use the no seq sequence-number command if you know the lter’s sequence number.
•
Use the no deny {source mask | any | host ip-address} {destination mask | any |
host ip-address} command.
Parameters
source Enter the IP address in dotted decimal format of the network from which the packet was
sent.
mask (OPTIONAL) Enter a network mask in /prex format (/x) or A.B.C.D. The mask, when
specied in A.B.C.D format, may be either contiguous or non-contiguous.
any Enter the keyword any to specify that all routes are subject to the lter.
host ip-address Enter the keyword host then the IP address to specify a host IP address or hostname.
destination Enter the IP address of the network or host to which the packets are sent.
ttl Enter the keyword ttl to permit a packet based on the time to live value. The range is
from 1 to 255.
operator Enter one of the following logical operand:
Access Control Lists (ACL) 211