PLANET XGS3-24040 User Manual

Chapter 46 ACL Configuration

46-6

[no] {deny | permit} {eigrp | gre | igrp | ipinip | ip |

ospf | <protocol-num>} {{<sIpAddr> <sMask>} |

any-source | {host-source <sIpAddr>}} {{<dIpAddr>

<dMask>} | any-destination | {host-destination

<dIpAddr>}} [precedence <prec>] [tos

<tos>][time-range<time-range-name>]

Creates an extended

name-based IP access rule

for other IP protocols; the “no”

form command deletes this

name-based extended IP

access rule.

c. Exit extended IP ACL configuration mode

Command

Explanation

Extended IP ACL Mode

exit

Exits extended name-based

IP ACL configuration mode.

(5) Configuring a numbered standard MAC access-list

Command

Explanation

Global Mode

access-list<num>{deny|permit}{any-source-mac|{ho

st-source-mac<host_smac>}|{<smac><smac-mask>}

}

no access-list <num>

Creates a numbered standard

MAC

access-list, if the

access-list already exists,

then a rule will add to the

current access-list; the “no

access-list

<num>“ command deletes a

numbered standard MAC

access-list.

(6) Creates a numbered MAC extended access-list

Command

Explanation

Global Mode

access-list<num> {deny|permit} {any-source-mac|

{host-source-mac<host_smac>}|{<smac><smac-ma

sk>}}{any-destination-mac|{host-destination-mac<h

ost_dmac>}|{<dmac><dmac-mask>}}[{untagged-eth

2|tagged-eth2|untagged-802-3|tagged-802-3}[ <offset

1> <length1> <value1> [ <offset2> <length2>

<value2> [ <offset3> <length3> <value3> [ <offset4>

<length4> <value4> ]]]] ]

no access-list <num>

Creates a numbered MAC

extended access-list, if the

access-list already exists,

then a rule will add to the

current access-list; the “no

access-list

<num>“ command deletes a

numbered

MAC

extended

access-list.