Security Configuration Command Set
Configuring Access Lists
Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide
14-91
To insert or replace an ACL entry:
access-list
access-list-number
insert
|
replace entry
To move entries within an ACL:
access-list
access-list-number
move destination
source1
[
source2
]
Syntax Description
NOTE:
Valid
access-list-numbers
for standard ACLs are
1
to
99
. For extended ACLs,
valid values are
100
to
199
.
access-list-
number
Specifies a standard access list number. Valid values are
from
1
to
99.
insert
|
replace
entry
(Optional) Inserts this new entry before a specified entry in
an existing ACL, or replaces a specified entry with this new
entry.
move destination
source1 source2
(Optional) Moves a sequence of access list entries before
another entry.
Destination
is the number of the existing
entry before which this new entry will be moved.
Source1
is
a single entry number or the first entry number in the range
to be moved.
Source2
(optional) is the last entry number in
the range to be moved. If not specified, only the
source1
entry will be moved.
deny
|
permit
Denies or permits access if specified conditions are met.
protocol
Specifies an IP protocol for which to deny or permit access.
Valid values and their corresponding protocols are:
•
ip
- Any Internet protocol
•
icmp
- Internet Control Message Protocol
•
udp
- User Datagram Protocol
•
tcp
- Transmission Protocol
source
Specifies the network or host from which the packet will be
sent. Valid options for expressing source are:
•
IP address or range of addresses (A.B.C.D)
•
any
- Any source host
•
host
source
- IP address of a single source host
source-wildcard
(Optional) Specifies the bits to ignore in the
source
address.