Accton Technology ES4710BD User Manual

Page 272

Advertising
background image

271

E

ES4710BD 10 Slots L2/L3/L4 Chassis Switch

ip access-group <name> {in|out }

no ip access-group <name> {in|out}

Applies an access list to the specified direction on

the port; the “no ip access-group <name>

{in|out}” command deletes the access list bound

to the port.

12.2.2 ACL Configuration Commands

12.2.2.1 access-list(extended)

Command: access-list <num> {deny | permit} icmp {{<sIpAddr> <sMask>} | any-source |

{host-source <sIpAddr>}} {{<dIpAddr> <dMask>} | any-destination | {host-destination

<dIpAddr>}} [<icmp-type> [<icmp-code>]] [precedence <prec>] [tos <tos>]

access-list <num> {deny | permit} igmp {{<sIpAddr> <sMask>} | any-source |

{host-source <sIpAddr>}} {{<dIpAddr> <dMask>} | any-destination | {host-destination

<dIpAddr>}} [<igmp-type>] [precedence <prec>] [tos <tos>]

access-list <num> {deny | permit} tcp {{<sIpAddr> <sMask>} | any-source | {host-source

<sIpAddr>}} [s-port <sPort>] {{<dIpAddr> <dMask>} | any-destination | {host-destination

<dIpAddr>}} [d-port <dPort>] [ack | fin | psh | rst | syn | urg] [precedence <prec>] [tos <tos>]

access-list <num> {deny | permit} udp {{<sIpAddr> <sMask>} | any-source |

{host-source <sIpAddr>}} [s-port <sPort>] {{<dIpAddr> <dMask>} | any-destination |

{host-destination <dIpAddr>}} [d-port <dPort>] [precedence <prec>] [tos <tos>]

access-list <num> {deny | permit} {eigrp | gre | igrp | ipinip | ip | <int>} {{<sIpAddr>

<sMask>} | any-source | {host-source <sIpAddr>}} {{<dIpAddr> <dMask>} | any-destination |

{host-destination <dIpAddr>}} [precedence <prec>] [tos <tos>]

no access-list <num>

Function: Creates a numbered extended IP access rule for specific IP protocol or all IP protocols; if

the numbered extended access list of specified number does not exist, then an access list will be

created using this number. The “no” form command deletes a numbered extended IP access list.

Parameters: <num> is the access table number from 100 to 199; <sIpAddr> is the source IP

address in decimal format; <sMask > is the mask complement of the source IP in decimal format;

<dIpAddr> is the destination IP address in decimal format; <dMask> is the mask complement of the

destination IP in decimal format, 0 for significant bit and 1 for ignored bit; <igmp-type> is the

IGMP type; <icmp-type> is the ICMP type; <icmp-code> is the ICMP protocol number; <prec> is

the IP priority from 0 – 7; <tos> is the tos value from 0 -15; <sPort> is the source port number from

0 – 65535; <dPort> is the destination port number from 0 – 65535.

Command mode: Global Mode

Advertising
See also other documents in the category Accton Technology Computer Accessories: