3 access-list (ip extended), Access, List – PLANET WGSW-52040 User Manual

Page 600: Ip extended

Advertising
background image

38-140

the former configuration.

Examples:

Make configurations effective from 6:00:00 to 13:30:00 from Oct. 1, 2004 to Jan. 26, 2005.

Switch(config)#Time-range admin_timer

Switch(Config-Time-Range-admin_timer)#absolute start 6:00:00 2004.10.1 end 13:30:00 2005.1.26

38.3 access-list (ip extended)

Command:

access-list <num> {deny | permit} icmp {{<sIpAddr> <sMask>} | any-source | {host-source <sIpAddr>}}

{{<dIpAddr> <dMask>} | any-destination | {host-destination <dIpAddr>}} [<icmp-type> [<icmp-code>]]

[precedence <prec>] [tos <tos>][time-range<time-range-name>]

access-list <num> {deny | permit} igmp {{<sIpAddr> <sMask>} | any-source | {host-source <sIpAddr>}}

{{<dIpAddr> <dMask>} | any-destination | {host-destination <dIpAddr>}} [<igmp-type>] [precedence <prec>]

[tos <tos>][time-range<time-range-name>]

access-list <num> {deny | permit} tcp {{ <sIpAddr> <sMask> } | any-source | {host-source <sIpAddr> }}

[s-port { <sPort> | range <sPortMin> <sPortMax> }] {{ <dIpAddr> <dMask> } | any-destination |

{host-destination <dIpAddr> }} [d-port { <dPort> | range <dPortMin> <dPortMax> }] [ack+ fin+ psh+ rst+ urg+

syn] [precedence <prec> ] [tos <tos> ][time-range <time-range-name> ]

access-list <num> {deny | permit} udp {{ <sIpAddr> <sMask> } | any-source | {host-source <sIpAddr> }}

[s-port { <sPort> | range <sPortMin> <sPortMax> ] {{ <dIpAddr> <dMask> } | any-destination |

{host-destination <dIpAddr> }} [d-port { <dPort> | range <dPortMin> <dPortMax> }] [precedence <prec> ] [tos

<tos> ][time-range<time-range-name> ]

access-list <num> {deny | permit} {eigrp | gre | igrp | ipinip | ip | ospf | <protocol-num> } {{ <sIpAddr>

<sMask> } | any-source | {host-source <sIpAddr> }} {{ <dIpAddr> <dMask> } | any-destination |

{host-destination <dIpAddr> }} [precedence <prec> ] [tos <tos> ][time-range <time-range-name> ]

no access-list <num>

Functions:

Create a numeric extended IP access rule to match specific IP protocol or all IP protocol; if access-list of this coded

numeric extended does not exist, thus to create such a access-list.

Parameters:

<num> is the No. of access-list, 100-299; <protocol> is the No. of upper-layer protocol of ip, 0-255; <sIpAddr> is

the source IP address, the format is dotted decimal notation; <sMask > is the reverse mask of source IP, the format

is dotted decimal notation; <dIpAddr> is the destination IP address, the format is dotted decimal notation; <dMask>

is the reverse mask of destination IP, the format is dotted decimal notation, attentive position o, ignored

Advertising
Popular Brands
Popular manuals