...
The following table describes the subcommands of the acl
command.
...
Subcommand | Description |
---|---|
list | Lists all ACL entries. The command does not take any arguments. |
flush | Clears all ACL entries (no access restrictions). The command does not take any arguments. |
accept | Accepts |
reject
connections from a given CIDR block. |
commit
delete
reload
exit
...
The command takes the following arguments:
where | |
reject | Rejects connections from a given CIDR block. The command takes the following arguments:
where |
commit | Saves the ACL and makes it active. The command does not take any arguments. |
delete | Deletes the existing access rules. The command takes the following arguments:
where |
For example, the following commands:
flush
accept 192.168.12.0/24
all commit
...
| Clears working entries and reloads from disk. The command does not take any arguments. |
exit | Exits the ACL mode. The command does not take any arguments. |
Examples
The following commands would allow connections from any host in the specified subnet to any of the access ports supported by NetMRI:
flush
accept 192.168.12.0/24
all
commit
If you'd like to exclude specific hosts from a range of addresses, you should use one or more reject
commands before the accept
command as in the following example:
flush
flushreject reject 192.168.12.66/32 all
reject 192.168.12.99/32 all
accept 192.168.12.0/24 all
commit
If at least one ACL entry is defined, all access attempts other than those specifically listed are rejected; if no ACL entries are defined, all access attempts are accepted.