ACL and ACE-related tasks

Common ACL and ACE-related tasks are as follows. Simple tasks link to the relevant command description.

On the 6400 Switch Series, interface identification differs.
Task Command or procedure Example
Creating an IPv4 ACL access-list ip
access-list ip MY_IP_ACL
  10 permit udp any 172.16.1.0/24
  20 permit tcp 172.16.2.0/16 gt 1023 any
  30 deny any any any count
Creating an IPv6 ACL access-list ipv6
access-list ipv6 MY_IPV6_ACL
  10 permit udp any 2001::1/64
  20 permit tcp 2001:2011::1/64 any
  30 deny any any any count
Creating a MAC ACL access-list mac
access-list mac MY_MAC_ACL
  10 permit any any appletalk vlan 40
  20 deny any any any count
Applying an IPv6 ACL to an interface apply access-list
interface 1/1/1
  apply access-list ipv6 MY_IPV6_ACL in
Applying an IPv4 ACL to a LAG apply access-list
interface lag 100
  apply access-list ip MY_IP_ACL in
Applying an IPv4 ACL to a VLAN apply access-list
vlan 10
  apply access-list ip MY_IP_ACL in
Applying a MAC ACL to a VLAN apply access-list
vlan 40
  apply access-list mac MY_MAC_ACL in
Applying an IPv4 ACL to the Control Plane (OOBM) apply access-list control-plane apply access-list ip MY_IP_ACL control-plane vrf mgmt
Removing application of an ACL from an interface apply access-list
interface 1/1/1
  no apply access-list ipv6 MY_IPV6_ACL in
Removing application of an ACL from a VLAN apply access-list
vlan 40
  no apply access-list mac MY_MAC_ACL in
Removing application of an ACL from the Control Plane (OOBM) apply access-list control-plane no apply access-list ip MY_IP_ACL control-plane vrf mgmt
Showing all ACLs show access-list show access-list
Showing all IPv6 ACLs show access-list show access-list ipv6
Showing all ACLs applied to interface 1/1/1 show access-list show access-list interface 1/1/1
Showing all ACLs applied to VLAN 10 show access-list show access-list vlan 10
Showing all ACLs applied to the Control Plane show access-list control-plane show access-list control-plane
Showing a particular ACL show access-list show access-list ip MY_ACL
Showing an ACL as commands show access-list show access-list ip MY_ACL commands
Showing ACL hit counts for an ACL applied to an interface show access-list hitcounts show access-list hitcounts ip MY_ACL interface 1/1/1
Showing ACL hit counts for an ACL applied to a VLAN show access-list hitcounts show access-list hitcounts ip MY_ACL vlan 10
Showing ACL hit counts for an ACL applied to the Control Plane show access-list hitcounts control-plane show access-list hitcounts ip MY_ACL control-plane vrf mgmt
Clearing ACL hit counts clear access-list hitcounts clear access-list hitcounts ip MY_ACL vlan 10
Clearing ACL hit counts for Control Plane clear access-list hitcounts control-plane clear access-list hitcounts control-plane vrf mgmt
Copying an ACL access-list copy access-list ipv6 MY_IPV6_ACL copy MY_IPV6_ACL2
Resequencing the ACEs of an ACL access-list resequence access-list ip MY_IP_ACL resequence 1 1
Resetting an ACL access-list reset access-list ip MY_IP_ACL reset
Setting the ACL log timer frequency access-list log-timer access-list log-timer 30