Filter
Top Products
244 ACL Commands
classifier rule. The ACL logging feature allows these hardware hit counts to be
collected on a per-rule basis and reported periodically to the network
administrator using the system logging facility and an SNMP trap.
The PowerConnect ACL permit/deny rule specification supports a log
parameter that enables hardware hit count collection and reporting.
Depending on platform capabilities, logging can be specified for deny rules,
permit rules, or both. A five minute logging interval is used, at which time
trap log entries are written for each ACL logging rule that accumulated a
nonzero hit count during that interval. The logging interval is not user
configurable.
Commands in this Chapter
This chapter explains the following commands:
access-list
Use the access-list command in Global Configuration mode to create an
Access Control List (ACL) that is identified by the parameter
list-name
.
The command specifies the queue identifier to which packets matching this
rule are assigned. The command may also specify the mirror or redirect
interface (unit/slot/port) to which packets matching this rule are copied or
forwarded, respectively.
The time-range parameter allows imposing time limitation on the ACL rule
as defined by the parameter
time-range-name
. If a time range with the
specified name does not exist, and the ACL containing this ACL rule is
applied to an interface or bound to a VLAN, then the ACL rule is applied
immediately. If a time range with specified name exists and the ACL
access-list mac access-list extended rename
deny | permit (IP ACL) service-acl input
deny | permit (Mac-Access-List-
Configuration)
show service-acl interface
ip access-group show ip access-lists
mac access-group show mac access-list
mac access-list extended
2CSPC4.XModular-SWUM200.book Page 244 Thursday, March 10, 2011 11:18 AM