
IPv4 Access Control Lists (ACLs)
Overview of Options for Applying IPv4 ACLs on the Switch
Create a Standard, Numbered ACL
or
Add an ACE to the End of an Existing Standard, Numbered ACL

    ProCurve(config)# access-list < 1-99 > < deny | permit > < any | host < SA > | SA/< mask-length > | SA < mask > > [log]²

Use a Sequence Number To Insert an ACE in a Standard ACL

    ProCurve(config)# ip access-list standard < name-str | 1-99 >
    ProCurve(config-std-nacl)# 1-2147483647 < deny | permit > < any | host < SA > | SA/< mask-length > | SA < mask > >¹ [log]²

Use an ACE’s Sequence Number To Delete the ACE from a Standard ACL

    ProCurve(config)# ip access-list standard < name-str | 1-99 >
    ProCurve(config-std-nacl)# no < 1-2147483647 >

Resequence the ACEs in a Standard ACL

    ProCurve(config)# ip access-list resequence < name-str | 1-99 > < 1-2147483647 > < 1-2147483646 >

Enter or Remove a Remark from a Standard ACL

    ProCurve(config)# ip access-list standard < name-str | 1-99 >
    ProCurve(config-ext-nacl)# [ remark < remark-str > | no < 1-2147483647 > remark ]

    For numbered, standard ACLs only, the following remark commands can be substituted for the above:

    ProCurve(config)# access-list < 1 - 99 > remark < remark-str >
    ProCurve(config)# [no] access-list < 1 - 99 > remark

Delete a Standard ACL

    ProCurve(config)# no ip access-list standard < name-str | 1-99 >

    For numbered, standard ACLs, the following command can be substituted for the above:

    ProCurve(config)# access-list < 1 - 99 > remark < remark-str >

¹ The mask can be in either dotted-decimal notation (such as 0.0.15.255) or CIDR notation (such as /20).
² The [ log ] function applies only to “deny” ACLs, and generates a message only when there is a “deny” match.
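
The following Python model is an added example, not part of the ProCurve documentation. It shows that the two mask notations in note 1 select the same addresses, how sequence numbers order, insert, delete and resequence ACEs, and that [log] reports only on a "deny" match. The names StandardAcl, parse_source and demo, the sample addresses, the default numbering (start 10, step 10) and the implicit deny at the end of the list are assumptions that do not appear on this page.

```python
import ipaddress

def parse_source(spec):
    """Return (network, care_bits) for 'any', 'host SA', 'SA/len' or 'SA mask'."""
    parts = spec.split()
    if spec == "any":
        return 0, 0
    if parts[0] == "host":
        return int(ipaddress.IPv4Address(parts[1])), 0xFFFFFFFF
    if "/" in spec:
        addr, length = spec.split("/")
        care = (0xFFFFFFFF << (32 - int(length))) & 0xFFFFFFFF
    else:
        # Dotted-decimal ACL mask: 1 bits are "don't care", so invert it.
        addr, care = parts[0], ~int(ipaddress.IPv4Address(parts[1])) & 0xFFFFFFFF
    return int(ipaddress.IPv4Address(addr)) & care, care

class StandardAcl:
    def __init__(self):
        self.aces = {}  # sequence number -> (action, network, care_bits, log)

    def add(self, action, source, log=False, seq=None):
        if seq is None:  # no sequence number: append (assumed start 10, step 10)
            seq = max(self.aces, default=0) + 10
        self.aces[seq] = (action, *parse_source(source), log)

    def delete(self, seq):
        del self.aces[seq]

    def resequence(self, start, interval):
        ordered = [self.aces[s] for s in sorted(self.aces)]
        self.aces = {start + i * interval: a for i, a in enumerate(ordered)}

    def evaluate(self, src):
        ip = int(ipaddress.IPv4Address(src))
        for seq in sorted(self.aces):  # first match wins
            action, net, care, log = self.aces[seq]
            if (ip & care) == net:
                return action, seq, log and action == "deny"  # log only on deny
        return "deny", None, False  # assumed implicit deny, not stated on the page

def demo():
    acl = StandardAcl()  # constructed sample ACEs
    acl.add("permit", "10.10.16.0 0.0.15.255")
    acl.add("deny", "any", log=True)
    acl.add("deny", "host 10.10.20.7", log=True, seq=5)  # inserted ahead of seq 10
    return acl
```

evaluate() returns the action, the sequence number of the matching ACE, and whether a log message would be generated.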