accesscontrolentry

Use this command to configure an Access Control Entry for use with SNMP ACLs.

Dependencies

Usage

accesscontrolentry <name>

flexswtich#(config)#accesscontrolentry testACLentry
flexswitch#(config-accesscontrolentry)

Settings

Context Description
Action (required) ALLOW/DENY/COPYTOCPU Action can be allow; permit traffic matching the AccessControlEntry
CpuQueue CpuQueue to receive traffic when action is COPYToCPU default: 0
Description Optional description of the AccessConrtolEnrtry
DstGroupRef Destination AddressGroup object name representing list of IPv4
FilterRefList List of AccessControlFilter object names to apply protocol and TCP/UDP port filtering default: []
Priority Priority dictates the order in which the AccessControlEntry is applied. Higher priorities will be applied before lower priorities default: 0
SrcGroupRef Source AddressGroup object name representing list of IPv4
Type IPv4/IPv6/MAC Type of the AccessControlEntry default: IPv4

Available Commands

Command Purpose
accesscontrolentry <access control entry name> Identifier for the access control entry
accesscontrolentry SrcGroupRef <AddressGroupID> Source AddressGroup object name representing list of IPv4
accesscontrolentry Description <text description> Optional description of the AccessConrtolEnrtry. Single word or quoted string.
accesscontrolentry FilterRefList <AccessControlID> List of AccessControlFilter object names to apply protocol and TCP/UDP port filtering default: []
accesscontrolentry Priority <integer> Priority dictates the order in which the AccessControlEntry is applied. Higher priorities will be applied before lower priorities default: 0
accesscontrolentry DstGroupRef <AddressGroupID> Destination AddressGroup object name representing list of IPv4
accesscontrolentry CpuQueue <integer> CpuQueue to receive traffic when action is COPYToCPU default: 0
accesscontrolentry Action <Action> ALLOW/DENY/COPYTOCPU Action can be allow; permit traffic matching the AccessControlEntry
accesscontrolentry Type <type> IPv4/IPv6/MAC Type of the AccessControlEntry default: IPv4

Example

Commands:

FlexSwitch(config)#accesscontrolentry testACEntry
FlexSwitch(config-accesscontrolentry)#Action COPYTOCPU 
FlexSwitch(config-accesscontrolentry)#CpuQueue 1
FlexSwitch(config-accesscontrolentry)#DstGroupRef testAdrGp
FlexSwitch(config-accesscontrolentry)#FilterRefList testACFilter
FlexSwitch(config-accesscontrolentry)#Priority 1
FlexSwitch(config-accesscontrolentry)#SrcGroupRef testAdrGp
FlexSwitch(config-accesscontrolentry)#Type IPv4
FlexSwitch(config-accesscontrolentry)#apply

Response:

Applying Config:
id: 1   object: AccessControlEntry   status: APPLIED CONFIG  valid: True delete: False num user cmds: 8
 command                           attr                  value               model attr       iskey    required    userprov    time provisioned         
--------------------------------------------------------------------------------------------------------------------------------------------------------
 accesscontrolentry testACEntry    accesscontrolentry    testACEntry         Name             True     X           X           Fri Sep  1 12:12:21 2017 
 Action COPYTOCPU                  Action                COPYTOCPU           Action           False    X           X           Fri Sep  1 12:12:57 2017 
 CpuQueue 1                        CpuQueue              1                   CpuQueue         False                X           Fri Sep  1 12:13:02 2017 
 DstGroupRef testAdrGp             DstGroupRef           testAdrGp           DstGroupRef      False                X           Fri Sep  1 12:13:28 2017 
 FilterRefList testACFilter        FilterRefList         ['testACFilter']    FilterRefList    False                X           Fri Sep  1 12:14:05 2017 
 Priority 1                        Priority              1                   Priority         False                X           Fri Sep  1 12:14:12 2017 
 SrcGroupRef testAdrGp             SrcGroupRef           testAdrGp           SrcGroupRef      False                X           Fri Sep  1 12:14:56 2017 
 Type IPv4                         Type                  IPv4                Type             False                X           Fri Sep  1 12:15:03 2017 

sdk:createAccessControlEntry(testACEntry,COPYTOCPU,Priority=1,SrcGroupRef=testAdrGp,DstGroupRef=testAdrGp,CpuQueue=1,Type=IPv4,FilterRefList=['testACFilter'],Description=) result: SUCCESS: http status code: 201