show access-list identifier
Syntax
show access-list
identifier
[ config ]
Description
Displays detailed information on the content of a specific ACL configured in the running-config file.
This information also appears in the
show running
display. If you execute
write memory
after configuring an ACL, it also appears in the
show config
display.
For information on IPv4 ACL operation, see the latest version of the Aruba-OS Switch Access Security Guide for your switch.
Example
Viewing the content of a specific ACL
Suppose you configured the following two ACLs in the switch:
Identifier |
Type |
Desired action |
---|---|---|
Accounting |
IPv6 |
|
List-120 |
IPv4 Extended |
|
Example
Listing an IPv6 ACL
Switch(config)# show access-list Accounting
Access Control Lists
Name: Accounting
Type: ipv6
Applied: Yes 1
SEQ Entry
--------------------------------------------------------
10 Action: permit
Remark: Telnet Allowed 2
3 Src IP: 2001:db8:0:1af::10:14 4 Prefix Len: 128
5 Dst IP: :: 6 Prefix Len: 0
7 Src Port(s): 8 Dst Port(s): eq 23
9 Proto : TCP Option(s):
10 Dscp : -
20 Action: permit
Src IP: 2001:db8:0:1af::10:23 Prefix Len: 128
Dst IP: :: Prefix Len: 0
Src Port(s): Dst Port(s): eq 23
Proto : TCP Option(s):
Dscp : -
30 Action: deny (log)
Src IP: 2001:db8:0:1af::10 Prefix Len: 116
Dst IP: :: Prefix Len: 0
Src Port(s): Dst Port(s):
Proto : TCP Option(s):
Dscp : -
40 Action: permit
Src IP: 2001:db8:0:1af::10 Prefix Len: 116
Dst IP: :: Prefix Len: 0
Src Port(s): Dst Port(s):
Proto : IPV6
Dscp : -
1 Indicates whether the ACL is applied to an interface
2 Remark Field (Appears if remark configured.)
3 Source Address
4 Source and Destination Prefix Lengths
5,6 Destination Address
7 TCP Source Port
8 TCP Destination Port
9 Protocol Data
10 DSCP Codepoint or Precedence
An ACL listed with the config option
Port-1(config)# show access-list List-120 config
ip access-list extended "List-120"
10 remark "Telnet Allowed"
10 permit tcp 10.30.133.27 0.0.0.0 eq 23 0.0.0.0 255.255.255.255 precedence 0 established
20 deny ip 10.30.133.1 0.0.0.255 0.0.0.0 255.255.255.255 log
30 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
exit