ADC CUDA 3 User Manual
Page 334
ADC Telecommunications, Inc.
332
C
HAPTER
15: IP P
ACKET
F
ILTERING
Creating IP
Access Lists
To create an IP access list, perform the following task in either root mode or
interface configuration mode:
For example, the following access list denies IP packets with the source
address of 172.16.19.200:
cli:172.16.19.10:root# access-list 4 deny 10 ip 172.16.19.200
0.0.0.0 any
Creating TCP
Access Lists
To create a TCP access list, perform the following task in either root mode or
interface configuration mode:
Task
Command
Create an IP access
list.
access-list <list number> {deny | permit} <rule number>
ip {<source IP address> <source IP mask> | host <ip
address> | any} {<destination IP address> <destination IP
mask> | host <destination ip address> | any} [tos <tos>
<tos mask>] [change-tos <tos>]
Task
Command
Create an TCP access
list.
access-list <list number> {deny | permit} <rule number>
tcp [<source IP address> <source IP mask> | host <ip
address> | any} {<destination IP address> <destination IP
mask> | host <destination ip address> | any} {<ip address>
<IP mask> | host <ip address> | <operator> <port>
[<port>] | any}] {< IP address> < mask > | any | host <ip
address> [<operator> <port> [<port>] ] established]
[tos <tos> <tos mask>] [change-tos <tos>]