Permit, deny (extended acl) – Planet Technology SGSD-1022 User Manual
Page 499
User’s Manual of SGSD-1022 / SGSD-1022P
SGSW-2840 / SGSW-2840P
499
Console(config-std-acl)#permit host 10.1.1.21
Console(config-std-acl)#permit 168.92.16.0 255.255.240.0
Related Commands
access-list ip
permit, deny (Extended ACL)
This command adds a rule to an Extended IP ACL. The rule sets a filter condition for packets with specific source or destination
IP addresses, protocol types, source or destination protocol ports, or TCP control codes. Use the no form to remove a rule.
Syntax
[no] {permit | deny}[protocol-number | udp]
{any | source address-bitmask | host source}
{any | destination address-bitmask | host destination}
[precedence precedence] [dscp dscp]
[source-port sport [end]] [destination-port dport [end]]
[no] {permit | deny} tcp
{any | source address-bitmask | host source}
{any | destination address-bitmask | host destination}
[precedence precedence] [dscp dscp]
[source-port sport [end]] [destination-port dport [end]]
[control-flag control-flag]
• protocol-number – A specific protocol number. (Range: 0-255)
• source – Source IP address.
• destination – Destination IP address.
• address-bitmask – Decimal number representing the address bits to match.
• host – Keyword followed by a specific IP address.
• precedence – IP precedence level. (Range: 0-7)
• dscp – DSCP priority level. (Range: 0-63)
• sport – Protocol21 source port number. (Range: 0-65535)
• dport – Protocol21 destination port number. (Range: 0-65535)
• end – Upper bound of the protocol port range. (Range: 0-65535)
• control-flag – Decimal number (representing a bit string) that specifies flag bits in byte 14 of the TCP header. (Range:
0-63)
Default Setting
None
Command Mode