acl add list
acl add list - Add an ACL definition
Description:
Use this command to add a new ACL definition to the ACL service. Newly-created ACL definitions do not contain any rules and are disabled by default.
You may edit the definition using the "acl edit list" command to add rules to it. To enable a definition, you must assign it to an interface.
Syntax:
acl add list <acl-name>
Parameters:
Parameter | Description |
---|---|
<acl-name> | <string> |
acl delete interface
acl delete interface - Delete an interface definition
Description:
Delete an existing interface definition from the ACL service.
Syntax:
acl delete interface <interface-name>
Parameters:
Parameter | Description |
---|---|
<interface-name> | <string> |
acl delete list
acl delete list - Delete an ACL list
Description:
Delete an existing ACL list from the ACL service. The ACL list state must be set to "Unassigned" before deleting the list.
Syntax:
acl delete list <acl-name>
Parameters:
Parameter | Description |
---|---|
<acl-name> | <string> |
acl edit interface
acl edit interface - Edit an interface definition
Description:
Edit an existing interface definition in the ACL service. Valid changes to the interface definition are applied and saved automatically.
ACL and Bridge:
Assigning an ACL to a sub-interface that belongs to a bridge is not supported. The ACL must be assigned to the bridge itself.
ACL and LAG:
When ACL protection is needed on a LAG, the ACL should be assigned to the LAG interface, but not to its members (e.g. assign the ACL to LAG-1-1 interface, but not to SFP-1-1 and SFP-2-1 sub-interfaces).
Syntax:
acl edit interface <interface-name> {
    {acl_name <acl-name>} |
    {acl_types <acl-types>} |
    {state {enable|disable}}
}+
Parameters:
Parameter | Description |
---|---|
<acl-name> | <string> |
<acl-types> | {cli\|web\|snmp\|netconf\|icmp} [,{cli\|web\|snmp\|netconf\|icmp}]* |
acl-name | The ACL name |
acl-types | The ACL types |
state | The interface state |
acl edit list
acl edit list - Edit an ACL definition
Description:
Edit an existing ACL definition in the ACL service. Valid changes to the ACL definition are applied and saved automatically.
Syntax:
acl edit list <acl-name> {
    {name <new-acl-name>} |
    {index {<1-40>|<rule_name>} {
        {type {ipsrc|macsrc}} |
        {value <rule-value>} |
        {action {drop|accept}} |
        {rule_name <rule-name>} |
        {priority <1-255>} |
        {state {enable|disable}}
    }+
}+
Parameters:
Parameter | Description |
---|---|
<acl-name> | <string> |
<new-acl-name> | <string> |
<rule-value> | {<ip-addr> \| <mac-addr> \| <subnet-addr/subnet-addrprefix>} |
<rule-name> | <string> |
name | The new ACL name |
index | The rule index or the rule name to edit a specific rule |
type | The rule type |
value | The rule value that matches the type format |
action | The rule action if the type and value match |
rule_name | The rule name |
priority | The rule priority that determines the order of execution of the rules |
state | The rule state |
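As an added example (not part of the vendor documentation), the following Python helper checks one rule against the ranges and keywords in the syntax above and builds the corresponding `acl edit list` command, so malformed rules are caught before they are pushed to a device. The MAC address format, the strict subnet check, and the names `mgmt-allow` and `noc-subnet` are assumptions.

```python
import ipaddress
import re

# Keywords and ranges taken from the "acl edit list" syntax above.
RULE_TYPES = {"ipsrc", "macsrc"}
ACTIONS = {"drop", "accept"}
STATES = {"enable", "disable"}
# Assumption: MAC addresses are written as six colon-separated hex octets.
MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}$")


def check_value(rule_type, value):
    """Return True if value fits the format implied by rule_type."""
    if rule_type == "macsrc":
        return bool(MAC_RE.match(value))
    if rule_type == "ipsrc":
        try:
            # Accepts a host address or a subnet; this validator's choice of
            # strict=True rejects subnets with host bits set (192.0.2.5/24).
            ipaddress.ip_network(value, strict=True)
            return True
        except ValueError:
            return False
    return False


def build_rule_command(acl_name, index, rule_type, value, action,
                       priority, rule_name=None, state="enable"):
    """Validate one rule and return the matching 'acl edit list' command."""
    if not 1 <= index <= 40:
        raise ValueError("index must be in 1-40")
    if not 1 <= priority <= 255:
        raise ValueError("priority must be in 1-255")
    if rule_type not in RULE_TYPES or action not in ACTIONS or state not in STATES:
        raise ValueError("unknown type, action or state keyword")
    if not check_value(rule_type, value):
        raise ValueError(f"value {value!r} does not match type {rule_type}")
    parts = ["acl edit list", acl_name, "index", str(index)]
    if rule_name:
        parts += ["rule_name", rule_name]
    parts += ["type", rule_type, "value", value, "action", action,
              "priority", str(priority), "state", state]
    return " ".join(parts)


if __name__ == "__main__":
    # Constructed sample: accept traffic sourced from a documentation subnet.
    print(build_rule_command("mgmt-allow", 1, "ipsrc", "192.0.2.0/24",
                             "accept", 10, rule_name="noc-subnet"))
```

A type/value mismatch, such as a `macsrc` rule carrying an IP address, raises `ValueError` instead of producing a command.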
acl show interface
acl show interface - Show an interface definition
Description:
Show all interface definitions if no interface name is specified. If an interface name is specified, only that interface will be displayed. If the stats keyword is also given, statistics based on the assigned ACL definition are displayed.
Syntax:
acl show interface [<interface-name> [stats]]
Parameters:
Parameter | Description |
---|---|
<interface-name> | <string> |
stats | Display rules statistics based on the assigned ACL definition. |
acl show list
acl show list - Show an ACL definition
Description:
Show all ACL definitions if no ACL name is specified. If an ACL name is specified, only that ACL definition will be displayed.
Syntax:
acl show list [<acl-name>]
Parameters:
Parameter | Description |
---|---|
<acl-name> | <string> |
© 2025 Cisco and/or its affiliates. All rights reserved.