acl-ip-modify
This command allows you to change an existing ACL rule on the switch.
Syntax acl-ip-modify
|
name name-string |
Specifies the name of the ACL. |
|
id id |
Specifies the ID assigned by ONVL to the ACL. |
|
The following parameter is optional: |
|
|
action permit | deny |
Specifies the permission of the ACL to be either permit or deny. |
|
src-ip ip-address |
Specifies the source IP address of the ACL. |
|
src-ip-mask netmask |
Specifies the source IP mask of the ACL. |
|
dst-ip ip-address |
Specifies the destination IP address of the ACL. |
|
dst-ip-mask netmask |
Specifies the destination IP mask of the ACL. |
|
Then any of the following options: |
|
|
proto [tcp|udp|icmp| |
Specifies the protocol flag filter of the ACL. |
|
src-port src-port-number |
Specifies the source port number. |
|
dst-port dst-port-number |
Specifies the destination port number |
|
vnet vnet-name |
Specify the name of the VNET. |
|
bd bridge-domain name |
Specify the domain name of the bridge. |
|
vlan vlan-id |
Specifies the VLAN to apply the ACL. This is a numeric value between 0-4095. |
|
port port-number] |
If the scope is local, specifies the switch port of the ACL. |
Defaults None.
Access network-admin
History
|
Version 1.2 |
Command introduced. |
|
Version 2.3.0 |
Added the parameters to modify the ACL. |
|
Version 2.4 |
The option, igmp, added to the parameter, protocol. |
|
Version 2.4.1 |
The parameter, vnet, added. |
Usage Use this command to modify an existing IP ACL.
Informational Note: The source or destination IP address/mask of 0.0.0.0/255.255.255.255 means any address.
The source or destination IP address/mask of 208.74.182.229/0.0.0.0 is the same as “host 208.74.182.229”.
Examples To modify the ACL, net-traffic, from deny to permit, use the following command:
CLI network-admin@switch > acl-ip-modify net-traffic action permit