Table�193:�access-list Command Parameters �
| Parameter |
Description |
| <access-list-name> |
A unique name that identifies the access control list. |
| <access-list-index> |
The unique rule number within the access list. |
| permit |
Forwards the packet without changing its priority. |
| use-priority |
Assigns the priority that you define in the following <priority> parameter to the packet. |
| <priority> |
The priority that you want to assign to packets that match this ACL. Enter a number between 0 and 7. |
| use-diffserv |
Classifies traffic by the DSCP in the packet. |
| [mask] |
Masks the three least significant bits of the DSCP. If you mask the three least significant bits of the DSCP, the switch recognizes the remaining bits as the precedence field of the type of service (TOS) field and classifies the packets accordingly. |
| remark-diffserv |
Replaces the DSCP in the packet with the DSCP that you enter for the following <dscp> parameter. The switch uses the DSCP that you enter for the <dscp> parameter to classify the packet. |
| <dscp> |
The DSCP that you want to replace the DSCP of the packet. |
| use-l2 |
Classifies traffic by the layer 2 priority of the packet. If you enter use-l2, the switch ignores the ACL rule priority and DiffServ priority. |
| deny |
Blocks the packet. |
| fwd1 | fwd2 | fwd3 | fwd4 | fwd5 | fwd6 | fwd7 | fwd8 |
The priority that you want to set. The number following the fwd specifies the priority. The fwdx arguments are 1-based, while the queue priorities are 0-based. Consequently, the 1-based priorities are converted to 0-based priorities by the QoS features. For example, to specify a priority of 0, enter fwd1. These keywords are retained from earlier versions of software for backward compatibility. The use-priority <priority> keyword and argument serve the same function. |
| <protocol-id> |
The ID of the protocol that you want to assign a priority to. RFC791 defines the protocol IDs. |
| <source-ip-addr> |
The source IP address of the subnet that you want to assign a priority to. |
| <source-wildcard> |
The inverse of a network mask. Enter a 32-bit number in four-part, dotted decimal format. Place ones in the bit positions that you want to mask. This parameter specifies a range of IP address. For example, to specify all IP addresses in the 10.10.70 subnet, enter 10.10.70.0 0.0.0.255. |
| any |
A source of 0.0.0.0 and a source-wildcard of 255.255.255.255 |
| host <source-ip-addr> |
The source IP address that you want to assign a priority to. |
| [{lt <port> | eq <port> | gt <port> | range <port> <port>}] |
A source port or range of source ports that pass between two hosts or switches using the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP). |
| <dest-ip-addr> |
The destination IP address of the subnet that you want to assign a priority to. |
| <dest-wildcard> |
The inverse of a network mask. Enter a 32-bit number in four-part, dotted decimal format. Place ones in the bit positions that you want to mask. This parameter specifies a range of IP address. For example, to specify all IP addresses in the 10.10.70 subnet, enter 10.10.70.0 0.0.0.255. |
| any |
A destination of 0.0.0.0 and a destination-wildcard of 255.255.255.255 |
| host <dest-ip-addr> |
The destination IP address that you want to assign a priority to. |
| [{lt <port> | eq <port> | gt <port> | range <port> <port>}] |
A destination port or range of destination ports that pass data between two hosts or switches using the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP). |
| [established] |
Permits TCP connections to be established that match the rule. |
|
