4 access-list(ip standard), 5 access-list(mac extended) – Accton Technology ES4626 User Manual

Page 757

Advertising
background image

757

directly use the manner where OFFSET is configured.

Examples:

Create the numeric expansion access-list whose serial No. is 110. deny icmp

packet to pass, and permit udp packet with destination address 192. 168. 0. 1 and

destination port 32 to pass.

Switch(Config)#access-list 110 deny icmp any any-destination

Switch(Config)#access-list 110 permit udp any host-destination 192.168.0.1 d-port 32

18.2.2.4 access-list(ip standard)

Command: access-list <num> {deny | permit} {{<sIpAddr> <sMask >} | any| {host

<sIpAddr>}}

no access-list <num>

Functions:

Create a numeric standard IP access-list. If this access-list exists, then add a

rule list; the “no access-list <num>“ operation of this command is to delete a numeric

standard IP access-list.

Parameters: <num>

is the No. of access-list, 100-199; <sIpAddr> is the source IP

address, the format is dotted decimal notation; <sMask > is the reverse mask of source

IP, the format is dotted decimal notation;

Command Mode:

Global mode

Default:

No access-lists configured.

Usage Guide:

When the user assign specific <num> for the first time, ACL of the serial

number is created, then the lists are added into this ACL.

Examples:

Create a numeric standard IP access-list whose serial No. is 20, and permit

date packets with source address of 10.1.1.0/24 to pass, and deny other packets with

source address of 10.1.1.0/16.

Switch(Config)#access-list 20 permit 10.1.1.0 0.0.0.255

Switch(Config)#access-list 20 deny 10.1.1.0 0.0.255.255

18.2.2.5 access-list(mac extended)

Command:

access-list<num>{deny|permit}{any-source-mac | { host-source-mac

<host_smac>}|{<smac><smac-mask>}}{any-destination-mac|{host-destination-mac

<host_dmac>}|{<dmac><dmac-mask>}}{untagged-eth2|tagged-eth2|

untagged-802-3 |tagged-802-3}[<offset1> <length1> <value1> [<offset2> <length2>

<value2> [<offset3> <length3> <value3> [<offset4> <length4> <value4>]]]]]

no access-list <num>

Functions:

Define a expansion numeric MAC ACL rule, ‘no access-list <num>

command deletes an expansion numeric MAC access-list rule.

Parameters:

Advertising
This manual is related to the following products:

ES4650, ES4624-SFP, ES4626-SFP

Popular Brands
Popular manuals