![background image](http://html1.mh-extra.com/html/patton-electronics/iplink-2821/iplink-2821_getting-started-manual_4067682086.webp)
Access control list configuration task list
86
IPLink 2800 Series Getting Started Guide
7 • Access control list configuration
Mode: Profile access control list
Where the syntax is:
If you place a deny ip any any rule at the top of an access control list profile, no packets will pass regardless of
the other rules you defined.
Example:
Create IP access control list entries
Select the access-list profile named WanRx and create some filter rules for it.
2800(cfg)#profile acl WanRx
2800(pf-acl)[WanRx]#permit ip host 62.1.2.3 host 193.14.2.11 cos Urgent
2800(pf-acl)[WanRx]#permit ip 62.1.2.3 0.0.255.255 host 193.14.2.11
2800(pf-acl)[WanRx]#permit ip 97.123.111.0 0.0.0.255 host 193.14.2.11
2800(pf-acl)[WanRx]#deny ip any any
2800(pf-acl)[WanRx]#exit
2800(cfg)#
Step
Command
Purpose
1
node(pf-acl)[
name
]#deny ip {
src src-wildcard
| any | host
src
} {
dest
dest-wildcard
| any | host
dest
} [cos
group
]
Creates an IP access of control list
entry that denies access defined
according to the command
options
Keyword
Meaning
src
The source address to be included in the rule. An IP address in dotted-decimal-format,
e.g. 64.231.1.10.
src-wildcard
A wildcard for the source address. Expressed in dotted-decimal format this value specifies
which bits are significant for matching. One-bits in the wildcard indicate that the corre-
sponding bits are ignored. An example for a valid wildcard is 0.0.0.255, which speci-
fies a class C network.
any
Indicates that IP traffic to or from all IP addresses is to be included in the rule.
host
src
The address of a single source host.
dest
The destination address to be included in the rule. An IP address in dotted-decimal-for-
mat, e.g. 64.231.1.10.
dest-wildcard
A wildcard for the destination address. See
src-wildcard
host dest
The address of a single destination host.
cos
Optional. Specifies that packets matched by this rule belong to a certain Class of Service
(CoS). For detailed description of CoS configuration refer to chapter 8,
group
CoS group name.
Summary of Contents for IPLink 2821
Page 4: ...Summary Table of Contents IPLink 2800 Series Getting Started Guide 4...
Page 18: ...About this guide IPLink 2800 Series Getting Started Guide 18...
Page 114: ...114 Chapter 9 LEDs status and monitoring Chapter contents Status LEDs 121...
Page 134: ...134 Appendix E IPLink 2800 Series factory configuration Chapter contents Introduction 142...
Page 136: ...136 Appendix F Installation checklist Chapter contents Introduction 144...