PLANET WGSW-52040 User Manual

Page 339

Advertising
background image

Command Explanation

Extended IP ACL Mode

[no] {deny | permit} icmp {{<sIpAddr> <sMask>} |

any-source | {host-source <sIpAddr>}} {{<dIpAddr>

<dMask>

} | any-destination | {host-destination

<dIpAddr>

}} [<icmp-type> [<icmp-code>]]

[precedence <prec>] [tos

<tos>

][time-range<time-range-name>]

Creates an extended

name-based ICMP IP access

rule; the no form command

deletes this name-based

extended IP access rule.

[no] {deny | permit} igmp {{<sIpAddr> <sMask>} |

any-source | {host-source <sIpAddr>}} {{<dIpAddr>

<dMask>

} | any-destination | {host-destination

<dIpAddr>

}} [<igmp-type>] [precedence <prec>] [tos

<tos>

][time-range<time-range-name>]

Creates an extended

name-based IGMP IP access

rule; the no form command

deletes this name-based

extended IP access rule.

[no] {deny | permit} tcp {{<sIpAddr> <sMask>} |

any-source | {host-source <sIpAddr>}} [s-port

{<sPort> | range <sPortMin> <sPortMax>}]

{{<dIpAddr> <dMask>} | any-destination |

{host-destination <dIpAddr>}} [d-port {<dPort> |

range <dPortMin> <dPortMax>}]

[ack+fin+psh+rst+urg+syn] [precedence <prec>] [tos

<tos>

][time-range<time-range-name>]

Creates an extended

name-based TCP IP access

rule; the no form command

deletes this name-based

extended IP access rule.

[no] {deny | permit} udp {{<sIpAddr> <sMask>} |

any-source | {host-source <sIpAddr>}} [s-port

{<sPort> | range <sPortMin> <sPortMax>}]

{{<dIpAddr> <dMask>} | any-destination |

{host-destination <dIpAddr>}} [d-port {<dPort> |

range <dPortMin> <dPortMax>}] [precedence

<prec>

] [tos <tos>][time-range<time-range-name>]

Creates an extended

name-based UDP IP access

rule; the no form command

deletes this name-based

extended IP access rule.

[no] {deny | permit} {eigrp | gre | igrp | ipinip | ip |

ospf | <protocol-num>} {{<sIpAddr> <sMask>} |

any-source | {host-source <sIpAddr>}} {{<dIpAddr>

<dMask>

} | any-destination | {host-destination

<dIpAddr>

}} [precedence <prec>] [tos

<tos>

][time-range<time-range-name>]

Creates an extended

name-based IP access rule

for other IP protocols; the no

form command deletes this

name-based extended IP

access rule.

c. Exit extended IP ACL configuration mode

41-118

Advertising
See also other documents in the category PLANET Routers: