acl-ip-modify

This command allows you to change an existing ACL rule on the switch.

Syntax   acl-ip-modify

name name-string

Specifies the name of the ACL.

id id

Specifies the ID assigned by ONVL to the ACL.

The following parameter is optional:

action permit | deny

Specifies the permission of the ACL to be either permit or deny.

src-ip ip-address

Specifies the source IP address of the ACL.

src-ip-mask netmask

Specifies the source IP mask of the ACL.

dst-ip ip-address

Specifies the destination IP address of the ACL.

dst-ip-mask netmask

Specifies the destination IP mask of the ACL.

Then any of the following options:

proto [tcp|udp|icmp|igmp|ip|icmpv6]

Specifies the protocol flag filter of the ACL.

src-port src-port-number

Specifies the source port number.

dst-port dst-port-number

Specifies the destination port number

vnet vnet-name

Specify the name of the vNET.

bd bridge-domain name

Specify the domain name of the bridge.

vlan vlan-id

Specifies the VLAN to apply the ACL. This is a numeric value between 0-4095.

port port-number

If the scope is local, specifies the switch port of the ACL.

Defaults   None.

Access   network-admin

History   

Version 1.2

Command introduced.

Version 2.3.0

Added the parameters to modify the ACL.

Version 2.4

The option igmp added to the parameter, protocol.

Version 2.4.1

The parameter vnet added.

Usage   Use this command to modify an existing IP ACL.

Informational Note:  The source or destination IP address/mask of 0.0.0.0/255.255.255.255 means any address.
The source or destination IP address/mask of 208.74.182.229/0.0.0.0 is the same as “host 208.74.182.229”.


Examples  To modify the ACL, net-traffic, from deny to permit, use the following command:

CLI (network-admin@switch) > acl-ip-modify net-traffic action permit

north
    keyboard_arrow_up
    keyboard_arrow_down
    description
    print
    feedback
    support
    business
    rss_feed
    south