----------------------------------------------------------------------
:
IPv4 Access Control Lists (ACLs)
Displaying ACL Configuration Data
ProCurve(config)# show access-list List-120
Access Control Lists
Name: List-120
Type: Extended
Indicates whether the ACL
is applied to an interface.
Applied: No
SEQ Entry
Indicates source and destination entries in the ACL.
10 Action: permit
Remark: Telnet Allowed
Src IP: 10.30.133.27 Mask: 0.0.0.0 Port(s): eq 23
Dst IP: 0.0.0.0 Mask: 255.255.255.255 Port(s):
Proto : TCP (Established)
TOS : - Precedence: routine
20 Action: deny (log)
Src IP: 10.30.133.1 Mask: 0.0.0.255 Port(s)
Empty field indicates that
the destination TCP port
can be any value.
Dst IP: 0.0.0.0 Mask: 255.255.255.255 Port(s):
Proto : IP
TOS : - Precedence: -
30 Action: permit
Src IP: 0.0.0.0 Mask: 255.255.255.255 Port(s):
Dst IP: 0.0.0.0 Mask: 255.255.255.255 Port(s):
Proto : IP
TOS : - Precedence: -
Figure 9-31. Examples of Listings Showing the Content of Standard and Extended ACLs
Table 9-8. Descriptions of Data Types Included in Show Access-List < acl-id > Output
Field Description
Name The ACL identifier. Can be a number from 1 to 199, or a name.
Type Standard or Extended. The former uses only source IP addressing. The latter uses both source and
destination IP addressing and also allows TCP or UDP port specifiers.
Applied “Yes” means the ACL has been applied to a port. “No” means the ACL exists in the switch configuration,
but has not been applied to any interface, and is therefore not in use.
SEQ The sequential number of the Access Control Entry (ACE) in the specified ACL.
Entry Lists the content of the ACEs in the selected ACL.
Action Permit (forward) or deny (drop) a packet when it is compared to the criteria in the applicable ACE and found
to match. Includes the optional log option, if used, in deny actions.
Remark Displays any optional remark text configured for the selected ACE.
9-90
