Viewing the content of all ACLs on the switch
This command lists the configuration details for the IPv4 and IPv6 ACLs in the running-config file, regardless of whether any are actually assigned to filter IPv4 traffic on specific VLANs.
Syntax:
show access-list config
List the configured syntax for all IPv4 and IPv6 ACLs currently configured on the switch.
Notice that you can use the output from this command for input to an offline text file in which you can edit, add, or delete ACL commands.
This information also appears in the show
running display. If you executed write memory after
configuring an ACL, it appears in the show config display.
An ACL configured syntax listing shows the ACLs on a switch configured with two IPv6 ACLs named "Accounting" and "List-01-Inbound", and one extended IPv4 ACL named "101":
An ACL configured syntax listing
Switch(config)# show access-list config
ip access-list extended "101"
10 permit tcp 10.30.133.27 0.0.0.0 0.0.0.0 255.255.255.255
20 permit tcp 10.30.155.101 0.0.0.0 0.0.0.0 255.255.255.255
30 deny ip 10.30.133.1 0.0.0.0 0.0.0.0 255.255.255.255 log
40 deny ip 10.30.155.1 0.0.0.255 0.0.0.0 255.255.255.255
exit
ipv6 access-list "Accounting"
10 permit tcp 2001:db8:0:1af::10:14/128 ::/0 eq 23
20 permit tcp 2001:db8:0:1af::10:23/128 ::/0 eq 23
30 deny tcp 2001:db8:0:1af::10/116 ::/0 log
40 permit ipv6 2001:db8:0:1af::10/116 ::/0
50 deny ipv6 ::/0 ::/0 log
exit
ipv6 access-list "List-01-Inbound"
10 permit icmp fe80::10:60/128 ::/0 dscp 38
20 permit icmp fe80::10:77/128 ::/0 dscp 38
30 permit icmp fe80::10:83/128 ::/0 dscp 38
40 deny icmp ::/0 ::/0 dscp 38
50 permit ipv6 fe80::10/112 ::/0
60 deny ipv6 fe80::/64 ::/0
exit