Task: ACL (v7.10.0)
==================================================
Category: Security
Description: ACL definitions and interfaces
New: No  |  IPv6: Yes

Vendor Support:
  ✓ aws (IPv6: ✓)
  ✗ alcatel@aos (IPv6: ✗)
  ✓ azure (IPv6: ✗)
  ✗ brocade@fastiron (IPv6: ✗)
  ✓ cisco@ios (IPv6: ✓)
  ✓ cisco@ios-xe (IPv6: ✓)
  ✓ cisco@nx-os (IPv6: ✓)
  ✓ cisco@ios-xr (IPv6: ✗)
  ✓ cisco@asa (IPv6: ✓)
  ✗ cisco@wlc-air (IPv6: ✗)
  ✓ cisco@sg (IPv6: ✗)
  ✗ cisco@ftd (IPv6: ✗)
  ✓ cisco@aci (IPv6: ✗)
  ✗ cisco@meraki (IPv6: ✗)
  ✓ cisco@viptela (IPv6: ✗)
  ○ cisco@apic (IPv6: ○)
  ✗ cisco@encs (IPv6: ✗)
  ○ dell@ftos (IPv6: ○)
  ○ dell@powerconnect (IPv6: ○)
  ○ dell@os10 (IPv6: ○)
  ✗ fs@fsos (IPv6: ✗)
  ✓ gcp (IPv6: ✗)
  ✓ hpe@comware (IPv6: ✗)
  ✗ hpe@aruba (IPv6: ✗)
  ✗ hpe@arubasw (IPv6: ✗)
  ✓ hpe@arubacx (IPv6: ✗)
  ✗ hpe@3com (IPv6: ✗)
  ○ hpe@aruba-iap (IPv6: ○)
  ○ riverbed@steelhead (IPv6: ○)
  ○ fortinet@fortigate (IPv6: ○)
  ✗ fortinet@fortiswitch (IPv6: ✗)
  ✗ forcepoint@ngfw (IPv6: ✗)
  ○ paloalto@pan-os (IPv6: ○)
  ○ paloalto@prisma (IPv6: ○)
  ✓ juniper@junos (IPv6: ✗)
  ○ juniper@mist (IPv6: ○)
  ○ checkpoint@gaia (IPv6: ○)
  ○ checkpoint@gaia-embedded (IPv6: ○)
  ○ extreme@boss (IPv6: ○)
  ○ extreme@enterasys (IPv6: ○)
  ✗ extreme@voss (IPv6: ✗)
  ✓ extreme@exos (IPv6: ✓)
  ✓ arista@eos (IPv6: ✗)
  ○ f5@big-ip (IPv6: ○)
  ○ f5@f5osa (IPv6: ○)
  ○ f5@f5osc (IPv6: ○)
  ○ huawei@vrp (IPv6: ○)
  ○ mikrotik@routeros (IPv6: ○)
  ○ quagga (IPv6: ○)
  ○ frr (IPv6: ○)
  ○ versa@vos (IPv6: ○)
  ✗ silverpeak@unity (IPv6: ✗)
  ✓ vmware@nsx-t (IPv6: ✓)
  ✗ vmware@velocloud (IPv6: ✗)
  ✗ ruckus@vsz (IPv6: ✗)
  ✗ opengear@og (IPv6: ✗)
  ✗ opengear@og-om (IPv6: ✗)
  ○ stormshield@sn (IPv6: ○)
  ✗ nokia@timos (IPv6: ✗)
  ✗ citrix@adc (IPv6: ✗)

CLI Commands:
  cisco@ios: show ip interface
  cisco@viptela: GET /dataservice/template/policy/definition/acl/<aclId>
  extreme@exos: debug vlan show vlans
  extreme@exos: show vlan detail
  extreme@exos: show access-list <any|port|vlan> <id> <direction> detail
  extreme@exos: show access-list
  cisco@sg: show access-list
  cisco@sg: show interfaces access-lists
  cisco@ios-xr: show ipv4 vrf all interface
  cisco@ios-xr: show running-config
  cisco@ios-xe: show object-group
  cisco@ios-xe: show ip interface
  cisco@ios-xe: show ip access-list
  cisco@ios: show object-group
  cisco@viptela: GET /dataservice/template/policy/definition/acl
  cisco@ios: show ip access-list
  gcp: GET compute.googleapis.com/compute/v1/projects/<project>/global/networks
  gcp: GET compute.googleapis.com/compute/v1/projects/<project>/aggregated/instances
  gcp: GET compute.googleapis.com/compute/v1/projects/<project>/aggregated/subnetworks
  gcp: GET compute.googleapis.com/compute/v1/projects/<project>/global/firewalls
  cisco@nx-os: show ipv6 access-lists
  cisco@nx-os: show object-group
  cisco@nx-os: show access-list summary
  cisco@nx-os: show ip access-list
  cisco@asa: show dns
  cisco@asa: show running-config all object
  cisco@asa: show ipv6 interface
  cisco@asa: show interface detail
  vmware@nsx-t: GET /api/v1/logical-routers
  vmware@nsx-t: GET /api/v1/ns-services
  vmware@nsx-t: GET /policy/api/v1/infra/segments
  vmware@nsx-t: GET /api/v1/firewall/sections?type=LAYER2
  vmware@nsx-t: GET /api/v1/firewall/sections/<section-id>/rules?sort_by=priority
  vmware@nsx-t: GET /api/v1/firewall/sections
  vmware@nsx-t: GET /api/v1/ip-sets
  vmware@nsx-t: GET /api/v1/ns-groups/<group-id>/effective-logical-switch-members
  vmware@nsx-t: GET /api/v1/ns-groups/<group-id>/effective-ipset-members
  vmware@nsx-t: GET /api/v1/ns-groups/<group-id>/effective-ip-address-members
  vmware@nsx-t: GET /api/v1/ns-groups
  vmware@nsx-t: GET /api/v1/logical-ports/<portId>/state
  vmware@nsx-t: GET /api/v1/fabric/virtual-machines
  vmware@nsx-t: GET /api/v1/fabric/vifs
  cisco@asa: show interface
  vmware@nsx-t: GET /api/v1/logical-router-ports?logical_router_id=<router-id>
  vmware@nsx-t: GET /policy/api/v1/infra/segments/<segment-id>/ports/<segment-id>
  vmware@nsx-t: GET /api/v1/logical-ports
  cisco@viptela: GET /dataservice/template/policy/list/vpn
  cisco@viptela: GET /dataservice/template/policy/list/site
  cisco@viptela: GET /dataservice/template/policy/list/app
  cisco@viptela: GET /dataservice/template/config/attached/<uuid>?type=CFS
  cisco@viptela: GET /dataservice/device/bfd/sessions?deviceId=<deviceId>
  cisco@viptela: GET /dataservice/device/interface?deviceId=<deviceId>
  cisco@viptela: GET /dataservice/template/policy/definition/data/<policyId>
  cisco@viptela: GET /dataservice/template/policy/vsmart
  cisco@viptela: GET /dataservice/device/policy/accesslistassociations?deviceId=<deviceId>
  cisco@viptela: GET /dataservice/template/policy/list/dataprefix
  azure: GET /firewallPolicies/<policyId>/ruleCollectionGroups
  hpe@comware: display packet-filter interface
  hpe@comware: display packet-filter all
  hpe@comware: display acl all
  juniper@junos: show configuration interfaces | display inheritance
  juniper@junos: show configuration policy-options | display inheritance
  juniper@junos: show configuration firewall | display inheritance
  azure: GET /virtualNetworks
  azure: GET /virtualMachineScaleSets/<vmssName>networkInterfaces/
  azure: GET /networkSecurityGroups
  azure: GET /networkInterfaces
  azure: GET /location/<locationName>/serviceTags
  azure: GET /loadBalancers
  azure: GET /ipGroups
  hpe@comware: display object-group
  azure: GET /firewallPolicies
  azure: GET /azureFirewalls/<azureFirewallName>/learnedIPPrefixes
  azure: GET /azureFirewalls
  aws: SDK ec2:GetManagedPrefixListEntriesCommand
  aws: SDK ec2:DescribeVpcs
  aws: SDK ec2:DescribeSecurityGroupRulesCommand
  aws: SDK ec2:DescribeSecurityGroupsCommand
  aws: SDK ec2:DescribePrefixListsCommand
  aws: SDK ec2:DescribeNetworkInterfacesCommand
  aws: SDK ec2:DescribeNetworkAclsCommand
  aws: SDK ec2:DescribeManagedPrefixListsCommand
  arista@eos: show ip access-lists summary
  arista@eos: show ip access-lists
  cisco@aci: GET /api/node/class/fvTenant.json?rsp-subtree=full&rsp-subtree-class=vzBrCP,fvBD,vzFilter,fvAp,fvCtx,fvAEPg,l2extInstP,l3extInstP,mgmtOoB,mgmtInB
  cisco@asa: show run
  cisco@aci: GET /api/node/class/vzFilter.json&rsp-subtree=full&rsp-subtree-class=vzFilter,vzEntry
  cisco@aci: GET /api/node/class/vzBrCP.json&rsp-subtree=full&rsp-subtree-class=vzSubj,vzRsSubjFiltAtt
  cisco@aci: GET /api/node/class/mgmtOoB.json
  cisco@aci: GET /api/node/class/mgmtInB.json
  cisco@aci: GET /api/node/class/l3extInstP.json?rsp-subtree=full&rsp-subtree-class=fvRsProv,fvRsCons,l3extSubnet
  cisco@aci: GET /api/node/class/l2extInstP.json&rsp-subtree=full&rsp-subtree-class=fvRsProv,fvRsCons
  cisco@aci: GET /api/node/class/fvCtx.json&rsp-subtree=full&rsp-subtree-class=fvCtx,fvRtCtx
  cisco@aci: GET /api/node/class/fvBD.json&rsp-subtree=full&rsp-subtree-class=fvSubnet,fvRtBd,l3extSubnet
  cisco@aci: GET /api/node/mo/<fvAp.dn>.json?rsp-subtree=full&rsp-subtree-class=fvAp,fvAEPg,fvAp,fvCEp,fvRsProv,fvIp,fvESg,fvRsCons
  cisco@aci: GET /api/node/class/fvAp.json
  cisco@aci: GET /api/node/class/fabricNode.json
  cisco@aci: GET /api/node/class/actrlRule.json?order-by=actrlRule.prio&rsp-subtree=full
  arista@eos: show running-config
  cisco@aci: show ipv6 interface vrf all
  cisco@aci: show interface
  cisco@aci: show hsrp brief
  cisco@aci: show ip interface vrf all
  cisco@aci: show inventory
  cisco@aci: show version
  cisco@aci: show isis dteps vrf overlay-1
  cisco@aci: show coop internal info ip-db
  cisco@aci: show system internal epm vrf all
  cisco@aci: show system internal epm vlan all
  cisco@aci: show endpoint detail
  hpe@arubacx: show running-config

Legend: ✓=Full, ✗=Not Yet, ○=N/A