Command Reference Guide
SROS Command Line Interface Reference Guide HDLC Command Set
5991-2114 © Copyright 2005 Hewlett-Packard Development Company, L.P. 824
ip access-group <listname> [in | out]
Use the ip access-group command to create an access list to be used for packets transmitted on or received
from the specified interface. Use the no form of this command to disable this type of control.
Syntax Description
<listname> Assigned IP access list name.
in Enables access control on packets received on the specified interface.
out Enables access control on packets transmitted on the specified interface.
Default Values
By default, these commands are disabled.
Command Modes
(config-interface)# Interface Configuration Mode
Valid interfaces include: Ethernet (eth 0/1), virtual PPP interfaces (ppp 1), virtual
HDLC interfaces (hdlc 1), virtual Frame Relay sub-interfaces (fr 1.20), tunnel
interfaces (tunnel 1), and VLAN interface (vlan 1).
Functional Notes
When this command is enabled, the IP destination address of each packet must be validated before being
passed through. If the packet is not acceptable per these settings, it is dropped.
Usage Examples
The following example sets up the unit to only allow Telnet traffic (as defined in the user-configured
TelnetOnly IP access list) into the HDLC interface:
(config)#ip access-list extended TelnetOnly
(config-ext-nacl)#permit tcp any any eq telnet
(config-ext-nacl)#int hdlc 1
(config-hdlc 1)#ip access-group TelnetOnly in