C
OMMAND
L
INE
I
NTERFACE
4-116
be bound exclusively to one of the basic ACL types (i.e., Ingress IP ACL,
Egress IP ACL, Ingress MAC ACL or Egress MAC ACL), but a mask can be
bound to up to four ACLs of the same type.
IP ACLs
Table 4-33 Access Control List Commands
Command Groups Function Page
IP ACLs Configures ACLs based on IP addresses, TCP/UDP
port number, protocol type, and TCP control code
4-116
MAC ACLs Configures ACLs based on hardware addresses, packet
format, and Ethernet type
4-128
ACL Information Displays ACLs and associated rules; shows ACLs
assigned to each port
4-137
Table 4-34 IP ACL Commands
Command Function Mode Page
access-list ip Creates an IP ACL and enters
configuration mode for standard or
extended IP ACLs
GC 4-117
permit, deny Filters packets matching a specified
source IP address
STD-ACL 4-118
permit, deny Filters packets meeting the specified
criteria, including source and destination
IP address, TCP/UDP port number,
protocol type, and TCP control code
EXT-ACL 4-119
show ip access-list Displays the rules for configured IP
ACLs
PE 4-121
access-list ip
mask-precedence
Changes to the IP Mask mode used to
configure access control masks
GC 4-122
mask Sets a precedence mask for the ACL rules IP-Mask 4-123
show access-list ip
mask-precedence
Shows the ingress or egress rule masks
for IP ACLs
PE 4-126
ip access-group Adds a port to an IP ACL IC 4-127
show ip access-group Shows port assignments for IP ACLs PE 4-127