C
OMMAND
L
INE
I
NTERFACE
4-120
Example
This example configures one permit rule for the specific address 10.1.1.21
and another rule for the address range 168.92.16.x – 168.92.31.x using a
bitmask.
Related Commands
access-list ip (4-118)
permit
,
deny
(Extended ACL)
This command adds a rule to an Extended IP ACL. The rule sets a filter
condition for packets with specific source or destination IP addresses,
protocol types, source or destination protocol ports, or TCP control codes.
Use the
no
form to remove a rule.
Syntax
[
no
] {
permit
|
deny
} [
protocol
-
number |
udp
]
{
any
|
source address-bitmask |
host
source
}
{any |
destination address-bitmask |
host
destination
}
[
precedence
precedence
] [
tos
tos
] [
dscp
dscp
]
[
source-port
source-port
[
bitmask
]] [
destination-port
destination-port
[
port
-
bitmask
]]
[
no
] {
permit
|
deny
}
tcp
{
any
|
source address-bitmask |
host
source
}
{
any
|
destination address-bitmask |
host
destination
}
[
precedence
precedence
] [
tos
tos
] [
dscp
dscp
]
[
source-port
source-port
[
bitmask
]] [
destination-port
destination-port
[
port
-
bitmask
]]
[
control-flag
control-flags
flag-bitmask
]
•
protocol-number
– A specific protocol number. (Range: 0-255)
•
source
– Source IP address.
•
destination
– Destination IP address.
Console(config-std-acl)#permit host 10.1.1.21
Console(config-std-acl)#permit 168.92.16.0 255.255.240.0
Console(config-std-acl)#
Summary of Contents for 8648T - annexe 1
Page 2: ......
Page 34: ...INTRODUCTION 1 10 ...
Page 48: ...INITIAL CONFIGURATION 2 14 ...
Page 159: ...PORT CONFIGURATION 3 111 Figure 3 48 Displaying Etherlike and RMON Statistics ...
Page 411: ...DNS COMMANDS 4 167 ...
Page 536: ...COMMAND LINE INTERFACE 4 291 ...
Page 542: ...TROUBLESHOOTING B 2 ...
Page 555: ......