Ip access-list – Avaya X330WAN User Manual

Chapter 6

X330WAN CLI Commands

210

Avaya X330WAN User’s Guide

Syntax

[no] ip access-group

<policy-list-number> <direction>

Parameters

Example

X330WAN-2DS1-1(config-if:FastEthernet1)# ip access-group 110 out

ip access-list

Use the

ip access-list

command to create a specific Policy rule. Each rule

pertains to the source IP address, the destination IP address, the protocol, the
protocol ports (TCP/UDP, if relevant), and to the ACK bit (in TCP protocol). The

no

form of this command deletes a specific rule.

The syntax for this command is:

[no] ip access-list

<policy-list-number> <access-list-index> <action>

<protocol> {<source-ip> <source-wildcard>|any|host <source-ip>}

[<operator> <port> [<port]] {<destination-ip> <destination-

wildcard>|any|host <destination-ip>}[<operator> <port>

[<port>]][established] [precedence]

Parameters

policy-list-number

An integer from 100 to 149, where 0 is the default list.

direction

in|out

policy-list-number

An integer from 100 to 149.

access-list-index

An integer from 100 to 149.

action

permit|deny|deny-and-notify|fwd0-7| composite

op name

protocol

ip|tcp|udp|

integer from 1 to 255.

source-ip

IP network

source-wildcard

IP network wildcard

operator

eq|lt|gt|range

port

An integer from 1 to 65535.

destination-ip

IP network

destination-wildcard

IP network wildcard