Filter (access-list) commands, C-19, Table c-11, filter commands – Paradyne 9788 User Manual
Page 283
C. Router CLI Commands, Codes, and Designations
9700-A2-GB20-20
December 2002
C-19
Filter (access-list) Commands
Filter commands are used to create or delete Access Lists.
Table C-11. Filter Commands (1 of 4)
access-list
access-list-num [{permit | deny}
{{
source-ip [source-wildcard ] | any | host source-host-ip} |
{
protocol {source-ip source-wildcard | any | host source-host-ip}
[
src-operator src-port [src-end-port ] ]
{
dest-ip dest-wildcard | any | host dest-host-ip}
[ [
icmp-msg-type [icmp-msg-code ] ] |
[
dest-operator dest-port [dest-end-port ] ] ] }|
{
type-code [range end-type-code] } }
no
access-list
access-list-num [{permit | deny}
{{
source-ip [source-wildcard] | any | host source-host-ip} |
{
protocol {source-ip source-wildcard | any | host source-host-ip}
[
src-operator src-port [src-end-port] ]
{
dest-ip dest-wildcard | any | host dest-host-ip}
[ [
icmp-msg-type [icmp-msg-code ] ] |
[
dest-operator dest-port [dest-end-port ] ] ] } |
{
type-code [ range end-type-code] } }
Minimum Access Level: Administrator
Command Mode: config
Allows a user to create or delete a rule for an access list. Access lists default to an implicit
deny statement for everything. Access lists are terminated by an implicit deny.
access-list-num – The access list number. Valid ranges for access lists are:
1–99 – Standard IP access lists.
100–199 – Extended IP access lists.
200–299 – Protocol type-code access lists.
permit – Specifies to permit access and forward packets matching the criteria.
deny – Specifies to deny access and discard packets matching the criteria.
For Standard IP Access Lists:
Example: access-list 1 permit 10.1.1.1
source-ip – The source IP Address to match.
source-wildcard – Specifies a 32-bit wildcard mask indicating the bit positions in the
source IP address to ignore during matches. This argument must be supplied when a
source-ip address is specified.
any – Specifies to match any source host. A source-ip of 0.0.0.0 and a source-wildcard
of
255.255.255.255 are specified.
host – Specify a single host source address to match.
source-host-ip – The source host IP address to match.
(Continued on next page)