Reference Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4810P

241

242

243

244

245

246

247

248

249

250

Version 8.3.10.0 Introduced on the S4810.

Version 8.1.1.0 Introduced on the E-Series ExaScale.

Version 7.8.1.0 Increased the name string to accept up to 140 characters. Prior to

7.8.1.0, names are up to 16 characters long.

Version 7.6.1.0 Introduced on the S-Series.

Version 7.5.1.0 Introduced on the C-Series.

Version 7.4.1.0 Added support for the non-contiguous mask and added the

monitor option.

Version 6.5.1.0 Expanded to include the optional QoS order priority for the ACL

entry.

Usage

Information

FTOS supports one ingress and one egress IP ACL per interface.

Prior to 7.8.1.0, names are up to 16 characters long.

The number of entries allowed per ACL is hardware-dependent. For detailed specifications on

entries allowed per ACL, refer to your line card documentation.

Example

FTOS(conf)#ip access-list standard TestList

FTOS(config-std-nacl)#

Commands

ip access-list extended – creates an extended access list.

show config – displays the current configuration.

permit

Configure a filter to permit packets from a specific source IP address to leave the switch.

C-Series, E-Series, S-Series, Z-Series, S4810

Syntax

permit {source [mask] | any | host ip-address} [count [byte] |

log] [dscp value] [order] [monitor]

To remove this filter, you have two choices:

• Use the no seq sequence-number command if you know the filter’s sequence

number.

• Use the no permit {source [mask] | any | host ip-address}

command.

Parameters

source

Enter the IP address in dotted decimal format of the network from

which the packet was sent.

mask

(OPTIONAL) Enter a network mask in /prefix format (/x) or A.B.C.D.

The mask, when specified in A.B.C.D format, may be either

contiguous or non-contiguous.

any Enter the keyword any to specify that all routes are subject to the

filter.

246