Product guide
10-84
Access Control Lists (ACLs)
Adding or Removing an ACL Assignment On an Interface
Filtering Inbound IP Traffic Per Port
For a given port, port list, or static port trunk, you can assign an ACL as a static
port ACL to filter any IP traffic entering the switch on that interface. You can
also use the same ACL for assignment to multiple interfaces. For limits and
operating rules, refer to “ACL Configuration and Operating Rules” on page
10-33.
Figure 10-22. Methods for Enabling and Disabling ACLs
Syntax: [no] interface < port-list | Trkx > ip access-group < identifier > in
where: < identifier > = either a ACL name or an ACL ID number.
Assigns an ACL as a static port ACL to a port, port list, or
static trunk to filter any IP traffic entering the switch on
that interface. You can use either the global configuration
level or the interface context level to assign or remove a
static port ACL.
Note: The switch allows you to assign a nonexistent ACL
name or number to an interface. In this case, if you
subsequently configure an ACL with that name or number,
it automatically becomes active on the assigned interface.
Also, if you delete an assigned ACL from the switch without
subsequently using the “no” form of this command to
remove the assignment to an interface, the ACL assignment
remains and will automatically activate any new ACL you
create with the same identifier (name or number).
ProCurve(config)# interface b10 ip access-group My-List in
ProCurve(config)# interface b10
ProCurve(eth-b10)# ip access-group 155 in
ProCurve(eth-b10)# exit
ProCurve(config)# no interface b10 ip access-group My-List in
ProCurve(config)# interface b10
ProCurve(eth-b10)# no ip access-group 155 in
ProCurve(eth-b10)# exit
Enables a static port ACL
from the Global
Configuration level.
Enables a static port ACL
from a port context.
Disables a static port ACL
from the Global
Configuration level.
Uses a VLAN context to
disable a static port ACL.