ACL Commands
46 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
• in-port port-num — (Optional) Specifies the input port of the devise. In case of
egress classification this port will be devise input port.
• out-port port-num — (Optional) Specifies the output port of the devise.
• dscp — Indicates matching the dscp number with the packet dscp value.
• ip-precedence — Indicates matching ip-precedence with the packet ip-precedence
value.
Default Configuration
This command has no default configuration
Command Mode
IP-Access List Configuration mode
User Guidelines
Use the ip access-list Global Configuration mode command to enable the IP-Access List
Configuration mode.
Before an Access Control Element (ACE) is added to an ACL, all packets are permitted.
After an ACE is added, an implied
deny-any-any condition exists at the end of the list
and those packets that do not match the defined conditions are denied.
Example
The following example shows how to define a permit statement for an IP ACL.
mac access-list
The mac access-list Global Configuration mode command enables the MAC-Access List
Configuration mode and creates Layer 2 ACLs. To delete an ACL, use the
no form of this
command.
IP-within-IP Encapsulation Protocol ipip 94
Protocol Independent Multicast pim 103
Layer Two Tunneling Protocol l2tp 115
ISIS over IPv4 isis 124
(any IP protocol) any (25504)
IP Protocol Abbreviated Name Protocol Number
Console(config)#
ip access-list
ip-acl1
Console(config-ip-al)#
deny
rsvp 192.1.1.1 0.0.0.255
any