2 absolute start, 3 access-list (ip extended), Absolute start – PLANET XGS3-24040 User Manual

Page 731: Access, List, Ip extended

Advertising
background image

Commands for Security Function Chapter 2 Commands for 802.1x

41-3

41.2 absolute start

Command: [no] absolute start <start_time> <start_data> [end <end_time> <end_data>]

Functions: Define an absolute time-range, this time-range operates subject to the clock of this

equipment.

Parameters: start_time : start time, HH:MM:SS (hour: minute: second)

end_time : end time, HH:MM:SS (hour: minute: second)

start_data

: start data, the format is, YYYY.MM.DD ( year.month.day )

end_data : end data, the format is, YYYY.MM.DD(year.month.day)

Remark: time-range is one minute per time, so the time error shall be <= one minute.

Command Mode: Time-range mode

Default: No time-range configuration.

Usage Guide: Absolute time and date, assign specific year, month, day, hour, minute of the start, shall

not configure multiple absolute time and date, when in repeated configuration, the latter configuration

covers the absolute time and date of the former configuration.

Examples: Make configurations effective from 6:00:00 to 13:30:00 from Oct. 1, 2004 to Jan. 26, 2005.

Switch(config)#Time-range admin_timer

Switch(Config-Time-Range-admin_timer)#absolute start 6:00:00 2004.10.1 end 13:30:00

2005.1.26

41.3 access-list (ip extended)

Command: access-list <num> {deny | permit} icmp {{<sIpAddr> <sMask>} | any-source |

{host-source <sIpAddr>}} {{<dIpAddr> <dMask>} | any-destination | {host-destination <dIpAddr>}}

[<icmp-type> [<icmp-code>]] [precedence <prec>] [tos <tos>][time-range<time-range-name>]

access-list <num> {deny | permit} igmp {{<sIpAddr> <sMask>} | any-source | {host-source

<sIpAddr>}} {{<dIpAddr> <dMask>} | any-destination | {host-destination <dIpAddr>}}

[<igmp-type>] [precedence <prec>] [tos <tos>][time-range<time-range-name>]

access-list <num> {deny | permit} tcp {{ <sIpAddr> <sMask> } | any-source | {host-source

<sIpAddr> }} [s-port { <sPort> | range <sPortMin> <sPortMax> }] {{ <dIpAddr> <dMask> } |

any-destination | {host-destination <dIpAddr> }} [d-port { <dPort> | range <dPortMin>

<dPortMax> }] [ack+ fin+ psh+ rst+ urg+ syn] [precedence <prec> ] [tos <tos> ][time-range

<time-range-name> ]

access-list <num> {deny | permit} udp {{ <sIpAddr> <sMask> } | any-source | {host-source

<sIpAddr> }} [s-port { <sPort> | range <sPortMin> <sPortMax> ] {{ <dIpAddr> <dMask> } |

any-destination | {host-destination <dIpAddr> }} [d-port { <dPort> | range <dPortMin>

<dPortMax> }] [precedence <prec> ] [tos <tos> ][time-range <time-range-name> ]

access-list <num> {deny | permit} {eigrp | gre | igrp | ipinip | ip | ospf | <protocol-num> }

{{ <sIpAddr> <sMask> } | any-source | {host-source <sIpAddr> }} {{ <dIpAddr> <dMask> } |

any-destination | {host-destination <dIpAddr> }} [precedence <prec> ] [tos <tos> ][time-range

<time-range-name> ]

no access-list <num>

Functions: Create a numeric extended IP access rule to match specific IP protocol or all IP protocol; if

Advertising
Popular Brands
Popular manuals