20 permit | deny(ip standard), 21 permit | deny(mac extended) – Accton Technology ES4626 User Manual
Page 767
767
type of icmp, 0-255 ; <icmp-code>, protocol No. of icmp, 0-255; <prec>, IP priority, 0-7;
<tos>
, to value, 0-15; <sPort>, source port No., 0-65535; <dPort>, destination port No.
0-65535; <time-range-name>, time range name
Command Mode:
Name expansion IP access-list configuration mode
Default:
No access-list configured
Examples:
Create the expansion access-list, deny icmp packet to pass, and permit udp
packet with destination address 192. 168. 0. 1 and destination port 32 to pass.
Switch(Config)# access-list ip extended udpFlow
Switch(Config-Ext-Nacl-udpFlow)# deny igmp any any-destination
Switch(Config-Ext-Nacl-udpFlow)# permit udp any host-destination 192.168.0.1 d-port 32
18.2.2.20 permit | deny(ip standard)
Command:{deny | permit} {{<sIpAddr> <sMask>} | any | {host <sIpAddr>}}
no {deny | permit} {{<sIpAddr> <sMask>} | any | {host <sIpAddr>}}
Functions:
Create a name standard IP access rule, and ‘no {deny | permit}
{{<sIpAddr> <sMask>} | any | {host <sIpAddr>}}
’ action of this command deletes this
name standard IP access rule.
Parameters: <sIpAddr>
is the source IP address, the format is dotted decimal notation;
<sMask >
is the reverse mask of source IP, the format is dotted decimal notation;
Command Mode:
Name standard IP access-list configuration mode
Default:
No access-list configured
Example:
Permit packets with source address 10.1.1.0/24 to pass, and deny other
packets with source address 10.1.1.0/16.
Switch(Config)# access-list ip standard ipFlow
Switch(Config-Std-Nacl-ipFlow)# permit 10.1.1.0 0.0.0.255
Switch(Config-Std-Nacl-ipFlow)# deny 10.1.1.0 0.0.255.255
18.2.2.21 permit | deny(mac extended)
Command:
[no]{deny|permit}
{any-source-mac|{host-source-mac<host_smac>}|{<smac><smac-mask>}}
{any-destination-mac|{host-destination-mac<host_dmac>}|{<dmac><dmac-mask>}}
[cos <cos-val> [<cos-bitmask>]] [vlanId <vid-value> [<vid-mask>]] [ethertype
<protocol> [<protocol-mask>]]
[no]{deny|permit}
{any-source-mac|{host-source-mac<host_smac>}|{<smac><smac-mask>}}
{any-destination-mac|{host-destination-mac<host_dmac>}|{<dmac><dmac-mask>}}
[untagged-eth2 [ethertype <protocol> [protocol-mask]]]