C
OMMAND
L
INE
I
NTERFACE
4-114
IP ACLs
access-list ip
This command adds an IP access list and enters configuration mode for
standard or extended IP ACLs. Use the no form to remove the specified
ACL.
Syntax
[no] access-list ip {standard | extended} acl_name
• standard – Specifies an ACL that filters packets based on the
source IP address.
• extended – Specifies an ACL that filters packets based on the
source or destination IP address, and other more specific criteria.
Table 4-34 IP ACL Commands
Command Function Mode Page
access-list ip Creates an IP ACL and enters
configuration mode for standard or
extended IP ACLs
GC 4-114
permit, deny Filters packets matching a specified
source IP address
STD-ACL 4-115
permit, deny Filters packets meeting the specified
criteria, including source and
destination IP address, TCP/UDP port
number, protocol type, and TCP
control code
EXT-ACL 4-116
show ip access-list Displays the rules for configured IP
ACLs
PE 4-118
ip access-group Adds a port to an IP ACL IC 4-119
show ip
access-group
Shows port assignments for IP ACLs PE 4-119
map access-list ip Sets the CoS value and corresponding
output queue for packets matching an
ACL rule
IC 4-120
show map
access-list ip
Shows CoS value mapped to an access
list for an interface
PE 4-121