PLANET XGS3-24042 User Manual
Page 495
51-4
5. Clear the filtering information of the specified port
1. Configuring access-list
(1) Configuring a numbered standard IP access-list
Command
Explanation
Global Mode
access-list <num> {deny | permit} {{<sIpAddr>
<sMask>} | any-source | {host-source <sIpAddr>}}
no access-list <num>
Creates a numbered standard IP
access-list, if the access-list
already exists, then a rule will
add to the current access-list;
the “no access-list
<num>“ command deletes a
numbered standard IP
access-list.
(2) Configuring a numbered extensive IP access-list
Command
Explanation
Global Mode
access-list <num> {deny | permit} icmp {{<sIpAddr>
<sMask>} | any-source | {host-source <sIpAddr>}}
{{<dIpAddr> <dMask>} | any-destination |
{host-destination <dIpAddr>}} [<icmp-type>
[<icmp-code>]] [precedence <prec>] [tos
<tos>][time-range<time-range-name>]
Creates a numbered ICMP
extended IP access rule; if the
numbered extended access-list of
specified number does not exist,
then an access-list will be created
using this number.
access-list <num> {deny | permit} igmp {{<sIpAddr>
<sMask>} | any-source | {host-source <sIpAddr>}}
{{<dIpAddr> <dMask>} | any-destination |
{host-destination <dIpAddr>}} [<igmp-type>]
[precedence <prec>] [tos
<tos>][time-range<time-range-name>]
Creates a numbered IGMP
extended IP access rule; if the
numbered extended access-list of
specified number does not exist,
then an access-list will be created
using this number.
access-list <num> {deny | permit} tcp {{<sIpAddr>
<sMask>} | any-source | {host-source <sIpAddr>}}
[s-port {<sPort> | range <sPortMin> <sPortMax>}]
{{<dIpAddr> <dMask>} | any-destination |
{host-destination <dIpAddr>}} [d-port {<dPort> |
range <dPortMin> <dPortMax>}]
[ack+fin+psh+rst+urg+syn] [precedence <prec>] [tos
<tos>][time-range<time-range-name>]
Creates a numbered TCP
extended IP access rule; if the
numbered extended access-list of
specified number does not exist,
then an access-list will be created
using this number.