acl-ip-modify

This command allows you to change an existing ACL rule on the switch.

Syntax   acl-ip-modify name name-string id id_num [action permit|deny] [src-ip ip-address] [src-ip-mask netmask] [dst-ip ip-address dst-ip-mask netmask] [proto [tcp|udp|icmp|igmp|ip]] [src-port src-port-number] [dst-port dst-port-number] [vnet vnet-name] [vlan vlan-id] [port port-number]

name name-string

Specifies the name of the ACL.

id

Specifies the ID assigned by ONVL to the ACL.

The following parameter is optional:

action
permit | deny

Specifies the permission of the ACL to be either permit or deny.

src-ip ip-address

Specifies the source IP address of the ACL.

src-ip-mask netmask

Specifies the source IP mask of the ACL.

dst-ip ip-address

Specifies the destination IP address of the ACL.

dst-ip-mask netmask

Specifies the destination IP mask of the ACL.

Then any of the following options:

proto [tcp|udp|icmp|
igmp|ip

Specifies the protocol flag filter of the ACL.

src-port src-port-number

Specifies the source port number.

dst-port dst-port-number

Specifies the destination port number

vnet vnet-name

Specify the name of the VNET.

vlan vlan-id

Specifies the VLAN to apply the ACL.

port port-number]

If the scope is local, specifies the switch port of the ACL.

Defaults   None.

Access   network-admin

History   

Version 1.2

Command introduced.

Version 2.3.0

Added the parameters to modify the ACL.

Version 2.4

The option, igmp, added to the parameter, protocol.

Version 2.4.1

The parameter, vnet, added.

Usage   Use this command to modify an existing IP ACL.

Examples  To modify the ACL, net-traffic, from deny to permit, use the following command:

CLI network-admin@switch > acl-ip-modify net-traffic action permit

See Also