Chapter 74: ACL Commands
1218
Confirmation Commands
“SHOW ACCESS-LIST” on page 1232 and “SHOW INTERFACE
ACCESS-GROUP” on page 1234
Examples
This example adds a deny access list to port 2 to discard all untagged
ingress packets of protocol 28, regardless of the source or destination
address. The access list is assigned the ID number 3016:
awplus> enable
awplus# configure terminal
awplus(config)# access-list 3016 deny proto 28 any any
awplus(config)# interface port1.0.2
awplus(config_if)# access-group 3016
awplus(config_if)# end
awplus# show access-list
awplus# show interface port1.0.2 access-group
This example adds a deny access list to ports 5 and 6 so that they discard
all tagged ingress packets that have the protocol 17 number and the VID
12, and are from the 152.12.45.0 subnet. The access list is assigned the
ID number 3011:
awplus> enable
awplus# configure terminal
awplus(config)# access-list 3011 deny proto 17 152.12.45.0/
24 any vlan 12
awplus(config)# interface port1.0.5,port1.0.6
134 RSVP-E2E-IGNORE / RFC3175
135 Mobility Header / RFC3775
136 UDPLite / RFC3828
137 MPLS-in-IP / RFC4023
138 MANET Protocols / RFC-ietf-manet-iana-
07.txt
139 - 252 Unassigned / IANA
253 - 254 Use for experimentation and testing /
RFC3692
255 Reserved / IANA
Table 144. Protocol Numbers (Continued)
Number Description