acl-ip-show
Use this command to display information about ACLs configured on the switch.
Syntax acl-ip-show
|
name name-string |
Specifies the name of the ACL. |
|
id |
Species the ID assigned to the ACL. |
|
action |
Specifies the permission of the ACL to be either permit or deny. |
|
scope local|fabric |
Specifies the scope of the ACL. |
|
src-ip ip-address |
Specifies the source IP address of the ACL. |
|
src-ip-mask netmask |
Specifies the source IP mask of the ACL. |
|
dst-ip ip-address |
Specifies the destination IP address of the ACL. |
|
dst-ip-mask netmask |
Specifies the destination IP mask of the ACL. |
|
protocol [tcp|udp|icmp|igmp|ip|icmpv6 |
Specifies the protocol flag filter of the ACL. |
|
src-port src-port-number] |
Specifies the source port number. |
|
dst-port dst-port-number |
Specifies the destination port number |
|
vnet vnet-name |
Specify the name of the VNET. |
|
bd bridge-domain name |
Specify the bridge domain name assigned to the ACL. |
|
vlan vlan-id |
Specifies the VLAN (0-4095) to apply the ACL. |
|
port port-number |
If the scope is local, specifies the switch port of the ACL. |
Defaults None
Access CLI
History
|
Version 1.2 |
Command introduced. |
|
Version 2.3.0 |
Added the parameters to modify the ACL. |
|
Version 2.4 |
The option, igmp, added to the parameter, protocol. |
|
Version 2.4.1 |
The parameter, vnet, added. |
Usage Displays the list of IP ACLS in the configuration. .
Informational Note: The source or destination IP address/mask of 0.0.0.0/255.255.255.255 means any address.
The source or destination IP address/mask of 208.74.182.229/0.0.0.0 is the same as “host 208.74.182.229”.
Examples This example shows how to display all IP ACLs.
CLI network-admin@switch > acl-ip-show
name id action prot sip smsk sprt dip dmsk dprt vlan scope unit slot port
test1 54147812341841995 deny udp 192.192.100.100 0.0.0.0 20 192.168.1.100
0.0.0.0 40 0 local 0 0 0
test2 54147812341841996 deny udp 192.192.100.100 0.255.255.255 20
192.168.1.100 0.0.255.255 40 0 local 0 0 0