3 access-list (ip extended), Access, List – PLANET WGSW-50040 User Manual

Page 315: Ip extended


Commands for Security Function Chapter 6 Commands for TACACS+

21.3 access-list (ip extended)

Command:

access-list <num> {deny | permit} icmp {{<sIpAddr> <sMask>} | any-source | {host-source <sIpAddr>}} {{<dIpAddr> <dMask>} | any-destination | {host-destination <dIpAddr>}} [<icmp-type> [<icmp-code>]] [precedence <prec>] [tos <tos>] [time-range <time-range-name>]

access-list <num> {deny | permit} igmp {{<sIpAddr> <sMask>} | any-source | {host-source <sIpAddr>}} {{<dIpAddr> <dMask>} | any-destination | {host-destination <dIpAddr>}} [<igmp-type>] [precedence <prec>] [tos <tos>] [time-range <time-range-name>]

access-list <num> {deny | permit} tcp {{<sIpAddr> <sMask>} | any-source | {host-source <sIpAddr>}} [s-port {<sPort> | range <sPortMin> <sPortMax>}] {{<dIpAddr> <dMask>} | any-destination | {host-destination <dIpAddr>}} [d-port {<dPort> | range <dPortMin> <dPortMax>}] [ack+ fin+ psh+ rst+ urg+ syn] [precedence <prec>] [tos <tos>] [time-range <time-range-name>]

access-list <num> {deny | permit} udp {{<sIpAddr> <sMask>} | any-source | {host-source <sIpAddr>}} [s-port {<sPort> | range <sPortMin> <sPortMax>}] {{<dIpAddr> <dMask>} | any-destination | {host-destination <dIpAddr>}} [d-port {<dPort> | range <dPortMin> <dPortMax>}] [precedence <prec>] [tos <tos>] [time-range <time-range-name>]

access-list <num> {deny | permit} {eigrp | gre | igrp | ipinip | ip | ospf | <protocol-num>} {{<sIpAddr> <sMask>} | any-source | {host-source <sIpAddr>}} {{<dIpAddr> <dMask>} | any-destination | {host-destination <dIpAddr>}} [precedence <prec>] [tos <tos>] [time-range <time-range-name>]

no access-list <num>

Functions:

Creates a numbered extended IP access rule that matches a specific IP protocol or all IP protocols; if the numbered extended access-list does not yet exist, it is created.

Parameters:

<num> is the access-list number, 100-299;

<protocol> is the number of the upper-layer protocol carried over IP, 0-255;

<sIpAddr> is the source IP address, in dotted decimal notation;

<sMask> is the reverse mask of the source IP, in dotted decimal notation;

<dIpAddr> is the destination IP address, in dotted decimal notation;

<dMask> is the reverse mask of the destination IP, in dotted decimal notation; a 0 bit is an attentive position and a 1 bit is an ignored position;

<igmp-type> is the IGMP type, 0-15;

<icmp-type> is the ICMP type, 0-255;

<icmp-code> is the ICMP protocol number (code), 0-255;

<prec> is the IP priority, 0-7;
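
The reverse-mask rule above (0 bits compared, 1 bits ignored) can be checked offline before a rule is entered on the switch. The following Python code is an added example, not code from the manual or from PLANET: the function names and sample rules are constructed, only the address parts of the syntax are interpreted, and it assumes that any-source/any-destination ignore every bit and host-source/host-destination compare every bit.

```python
import ipaddress

def _ip(text):
    return int(ipaddress.IPv4Address(text))  # dotted decimal -> 32-bit integer

def parse_addr_spec(tokens, side):
    """Read one address spec ('source' or 'destination'); return ((addr, rmask), rest)."""
    if tokens[0] == f"any-{side}":
        return (0, 0xFFFFFFFF), tokens[1:]      # assumed: every bit ignored
    if tokens[0] == f"host-{side}":
        return (_ip(tokens[1]), 0), tokens[2:]  # assumed: every bit compared
    return (_ip(tokens[0]), _ip(tokens[1])), tokens[2:]

def parse_rule(line):
    """Parse access-list <num> {deny|permit} <proto> <src> [s-port ...] <dst> [options]."""
    tok = line.split()
    if len(tok) < 6 or tok[0] != "access-list":
        raise ValueError("not an access-list command")
    num = int(tok[1])
    if not 100 <= num <= 299:
        raise ValueError("extended IP access-list number must be 100-299")
    if tok[2] not in ("deny", "permit"):
        raise ValueError("action must be deny or permit")
    src, rest = parse_addr_spec(tok[4:], "source")
    if rest and rest[0] == "s-port":            # tcp/udp only: skip the source-port clause
        rest = rest[4:] if rest[1] == "range" else rest[2:]
    dst, rest = parse_addr_spec(rest, "destination")
    return {"num": num, "action": tok[2], "protocol": tok[3],
            "src": src, "dst": dst, "options": rest}

def spec_matches(spec, packet_ip):
    """Reverse-mask compare: 0 bits are checked, 1 bits are ignored."""
    addr, rmask = spec
    care = ~rmask & 0xFFFFFFFF
    return (addr & care) == (_ip(packet_ip) & care)

def rule_hits(rule, src_ip, dst_ip):
    return spec_matches(rule["src"], src_ip) and spec_matches(rule["dst"], dst_ip)

# Constructed sample rules (not from the manual).
INTENDED = parse_rule("access-list 110 deny tcp 10.1.2.0 0.0.0.255 "
                      "s-port range 1024 65535 any-destination d-port 23")
# Common slip: a subnet mask typed where a reverse mask is expected.
MISTAKEN = parse_rule("access-list 111 deny ip 10.1.2.0 255.255.255.0 "
                      "host-destination 192.0.2.10")

if __name__ == "__main__":
    print(rule_hits(INTENDED, "10.1.2.77", "198.51.100.5"))  # inside 10.1.2.0/24
    print(rule_hits(MISTAKEN, "10.1.2.77", "192.0.2.10"))    # last octet differs from .0
    print(rule_hits(MISTAKEN, "203.0.113.0", "192.0.2.10"))  # only the last octet is compared
```

With a subnet mask entered in place of the reverse mask, the rule no longer covers the intended 10.1.2.x hosts and instead matches any source whose last octet is 0.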
