Cisco Catalyst 2950 Command Reference Manual page 31

Chapter 2 Cisco IOS Commands
Use the show ip access-lists command to display the contents of IP ACLs.
Use the show access-lists command to display the contents of all ACLs.
For more information about configuring IP ACLs, refer to the "Configuring Network Security with
Note
ACLs" chapter in the Catalyst 2950 Desktop Switch Software Configuration Guide for this release.
Examples
This example shows how to configure a standard IP ACL that allows only traffic from the host network
128.88.1.10 and how to apply it to an interface:
Switch(config)# access-list 12 permit host 128.88.1.10
Switch(config)# interface gigabitethernet0/1
Switch(config-if)# ip access-group 12 in
This is an example of an standard ACL that allows traffic only from three specified networks. The
wildcard bits apply to the host portions of the network addresses. Any host with a source address that
does not match the ACL statements is denied.
access-list 14 permit 192.5.34.0
access-list 14 permit 128.88.0.0
access-list 14 permit 36.1.1.0
In these examples, all other IP access is implicitly denied.
Note
You can verify your settings by entering the show ip access-lists or show access-lists privileged EXEC
command.
Related Commands Command
access-list (IP extended)
ip access-group
show access-lists
show ip access-lists
78-11381-05
0.0.0.255
0.0.0.255
0.0.0.255
Description
Configures an extended IP ACL.
Controls access to an interface.
Displays ACLs configured on the switch.
Displays IP ACLs configured on the switch.
Catalyst 2950 Desktop Switch Command Reference
access-list (IP standard)
2-7