PLANET XGS3-24042 User Manual

51-5

access-list <num> {deny | permit} udp {{<sIpAddr>

<sMask>} | any-source | {host-source <sIpAddr>}}

[s-port {<sPort> | range <sPortMin> <sPortMax>}]

{{<dIpAddr> <dMask>} | any-destination |

{host-destination <dIpAddr>}} [d-port {<dPort> |

range <dPortMin> <dPortMax>}] [precedence

<prec>] [tos <tos>][time-range<time-range-name>]

Creates a numbered UDP

extended IP access rule; if the

numbered extended access-list of

specified number does not exist,

then an access-list will be created

using this number.

access-list <num> {deny | permit} {eigrp | gre | igrp |

ipinip | ip | ospf | <protocol-num>} {{<sIpAddr>

<sMask>} | any-source | {host-source <sIpAddr>}}

{{<dIpAddr> <dMask>} | any-destination |

{host-destination <dIpAddr>}} [precedence <prec>]

[tos <tos>][time-range<time-range-name>]

Creates a numbered IP extended

IP access rule for other specific IP

protocol or all IP protocols; if the

numbered extended access-list of

specified number does not exist,

then an access-list will be created

using this number.

no access-list <num>

Deletes a numbered extensive IP

access-list.

(3) Configuring a standard IP access-list basing on nomenclature

a. Create a name-based standard IP access-list

Command

Explanation

Global Mode

ip access-list standard <name>

no ip access-list standard <name>

Creates a standard IP

access-list based on

nomenclature; the “no ip

access-list standard

<name>“ command deletes the

name-based standard IP

access-list.

b. Specify multiple “permit” or “deny” rules

Command

Explanation

Standard IP ACL Mode

[no] {deny | permit} {{<sIpAddr> <sMask>} |

any-source | {host-source <sIpAddr>}}

Creates a standard

name-based IP access rule; the

“no” form command deletes the

name-based standard IP

access rule.

c. Exit name-based standard IP ACL configuration mode