4 access-list(ip standard), 5 access-list(mac extended) – Accton Technology ES4626 User Manual
Page 757
757
directly use the manner where OFFSET is configured.
Examples:
Create the numeric expansion access-list whose serial No. is 110. deny icmp
packet to pass, and permit udp packet with destination address 192. 168. 0. 1 and
destination port 32 to pass.
Switch(Config)#access-list 110 deny icmp any any-destination
Switch(Config)#access-list 110 permit udp any host-destination 192.168.0.1 d-port 32
18.2.2.4 access-list(ip standard)
Command: access-list <num> {deny | permit} {{<sIpAddr> <sMask >} | any| {host
<sIpAddr>}}
no access-list <num>
Functions:
Create a numeric standard IP access-list. If this access-list exists, then add a
rule list; the “no access-list <num>“ operation of this command is to delete a numeric
standard IP access-list.
Parameters: <num>
is the No. of access-list, 100-199; <sIpAddr> is the source IP
address, the format is dotted decimal notation; <sMask > is the reverse mask of source
IP, the format is dotted decimal notation;
Command Mode:
Global mode
Default:
No access-lists configured.
Usage Guide:
When the user assign specific <num> for the first time, ACL of the serial
number is created, then the lists are added into this ACL.
Examples:
Create a numeric standard IP access-list whose serial No. is 20, and permit
date packets with source address of 10.1.1.0/24 to pass, and deny other packets with
source address of 10.1.1.0/16.
Switch(Config)#access-list 20 permit 10.1.1.0 0.0.0.255
Switch(Config)#access-list 20 deny 10.1.1.0 0.0.255.255
18.2.2.5 access-list(mac extended)
Command:
access-list<num>{deny|permit}{any-source-mac | { host-source-mac
<host_smac>}|{<smac><smac-mask>}}{any-destination-mac|{host-destination-mac
<host_dmac>}|{<dmac><dmac-mask>}}{untagged-eth2|tagged-eth2|
untagged-802-3 |tagged-802-3}[<offset1> <length1> <value1> [<offset2> <length2>
<value2> [<offset3> <length3> <value3> [<offset4> <length4> <value4>]]]]]
no access-list <num>
Functions:
Define a expansion numeric MAC ACL rule, ‘no access-list <num>’
command deletes an expansion numeric MAC access-list rule.
Parameters: