Configuring global and default actions for an ACL
Configure the default action to specify packet treatment if a packet does not match any ACE.
Configure the global action to specify packet treatment if a packet does match an ACE.
Global action can only be configured for Ingress ACLs.
Before you begin
The ACL exists.
Procedure
Variable definitions
Use the data in the following table to use the filter acl set commands.
Variable |
Value |
---|---|
<acl-id> |
Specifies the ACL ID. Use the CLI Help to see the available range for the switch. |
default-action <deny|permit> |
Specifies the default action to take when none of the ACEs match. Options are <deny|permit>. The default is permit. |
monitor-dst-ports {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]} |
Specifies the global action to take for matching ACEs:
Identifies the slot and port in one of the following formats: a single slot and port (slot/port), a range of slots and ports (slot/port-slot/port), or a series of slots and ports (slot/port,slot/port,slot/port). If the platform supports channelization and the port is channelized, you must also specify the sub-port in the format slot/port/sub-port. |
monitor-dst-mlt <1–512> |
Configures mirroring to a destination MLT in the range of 1 to 512. |