Extended Acl Configuration Structure - HP ProCurve 5300xl Series Management Manual
Advanced traffic
Hide thumbs
Also See for ProCurve 5300xl Series:
- Access security manual (292 pages) ,
- Specification sheet (12 pages) ,
- Management and configuration manual (508 pages)
Table of Contents
Advertisement
Access Control Lists (ACLs) for the Series 5300xl Switches
Configuring and Assigning an ACL
ip access-list < type > "< id-string >"< permit | deny > ip
< source-ip-address > < source-acl-mask >
< destination-ip-address > < destination-acl-mask > [ log ]
< permit | deny > tcp
< source-ip-address > < source-acl-mask > [< operator > < port-id >]
< destination-ip-address > < destination-acl-mask > [< operator > < port-id >] [ log ]
< permit | deny > udp
< source-ip-address > < source-acl-mask > [< operator > < port-id >]
< destination-ip-address > < destination-acl-mask > [< operator > < port-id >] [ log ]
.
.
.
Figure 9-8. General Structure for an Extended ACL
9-28
Extended ACL Configuration Structure
Individual ACEs in an extended ACL include:
A permit/deny "type" statement
■
■
Source IP addressing
■
Optional TCP or UDP port type with optional source port ID and
operator and/or optional destination port ID and operator
Destination IP addressing
■
Optional ACL log command
■
Note: The optional log
function appears only
with "deny" aces.
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
