Quality of Service (QoS) Commands
479
ProSafe M4100 and M7100 Managed Switches
no access-list
This command deletes an IP ACL that is identified by the parameter <accesslistnumber>
from the system.
The range for <accesslistnumber> 1-99 for standard access lists and
100-199 for extended access lists.
Format no access-list <accesslistnumber>
Mode
ip access-list
This command creates an extended IP access control list (ACL) identified by <name>,
consisting of classification fields defined for the IP header of an IPv4 frame. The <name>
parameter is a case-sensitive alphanumeric string from 1 to 31 characters uniquely
identifying the IP access list.
{icmp | igmp | ip | tcp | udp
| <number>}
Specifies the protocol to filter for an extended IP ACL rule.
<srcip> <srcmask>
Specifies a source IP address and source netmask for match
condition of the IP
ACL rule.
[{eq {<portkey> |
<0-65535>}]
Specifies the source layer 4-port match condition for the IP ACL rule.
Y
ou can use the port number, which ranges from 0-65,535, or you
specify the <portkey>, which can be one of the following
keywords: domain, echo, ftp, ftpdata, http, smtp,
snmp, telnet, tftp, and www-http. Each of these keywords
translates into its equivalent port number, which is used as both the
start and end of a port range.
<dstip> <dstmask>
Specifies a destination IP address and netmask for match condition
of the IP
ACL rule.
[precedence <precedence> |
tos <tos> <tosmask> | dscp
<dscp>]
Specifies the TOS for an IP ACL rule depending on a match of
precedence or DSCP values using the parameters dscp,
precedence, tos/tosmask.
[log]
Specifies that this rule is to be logged.
rate-limit
The user can specify a simple rate limiter for packets matching an
ACL “permit” rule.
The user needs to specify the burst size in kbytes
and allowed rate of traffic in kbps. The conforming traffic is allowed
to transmit, and non-conforming traffic is dropped. This action is
ignored for any “deny” rule, since by definition matching packets are
dropped.
[assign-queue <queue-id>]
Specifies the assign-queue, which is the queue identifier to which
packets matching this rule are assigned.
[{mirror | redirect}
<slot/port>]
Specifies the mirror or redirect interface which is the slot/port to
which packets matching this rule are copied or forwarded,
respectively
.
Global Config
Parameter Description