PLANET XGS3-24042 User Manual
Page 501
51-10
(8) Configuring a numbered extended MAC-IP access-list
Command
Explanation
Global mode
access-list<num>{deny|permit} {any-source-mac|
{host-source-mac <host_smac>} | {<smac>
<smac-mask>}} {any-destination-mac |
{host-destination-mac <host_dmac>} |
{<dmac><dmac-mask>}} icmp {{<source>
<source-wildcard>} |any-source| {host-source
<source-host-ip>}} {{<destination>
<destination-wildcard>} | any-destination |
{host-destination <destination-host-ip>}}
[<icmp-type> [<icmp-code>]] [precedence
<precedence>] [tos <tos>] [time-range
<time-range-name>]
Creates a numbered
mac-icmp extended mac-ip
access rule; if the numbered
extended access-list of
specified number does not
exist, then an access-list will
be created using this number.
access-list<num>{deny|permit}{any-source-mac|
{host-source-mac<host_smac>}|{<smac><smac-ma
sk>}} {any-destination-mac|{host-destination-mac
<host_dmac>}|{<dmac><dmac-mask>}}igmp
{{<source><source-wildcard>}|any-source|
{host-source<source-host-ip>}}
{{<destination><destination-wildcard>}|any-destinati
on| {host-destination<destination-host-ip>}}
[<igmp-type>] [precedence <precedence>] [tos
<tos>][time-range<time-range-name>]
Creates a numbered
mac-igmp extended mac-ip
access rule; if the numbered
extended access-list of
specified number does not
exist, then an access-list will
be created using this number.
access-list<num>{deny|permit}{any-source-mac|
{host-source-mac<host_smac>}|{<smac><smac-ma
sk>}}{any-destination-mac|{host-destination-mac
<host_dmac>}|{<dmac><dmac-mask>}}tcp
{{<source><source-wildcard>}|any-source|
{host-source<source-host-ip>}} [s-port {<port1> |
range <sPortMin> <sPortMax>}]
{{<destination><destination-wildcard>}|any-destinati
on| {host-destination <destination-host-ip>}} [d-port
{<port3> | range <dPortMin> <dPortMax>}]
[ack+fin+psh+rst+urg+syn] [precedence
<precedence>] [tos
<tos>][time-range<time-range-name>]
Creates a numbered mac-ip
extended
mac-tcp
access
rule; if the numbered
extended access-list of
specified number does not
exist, then an access-list will
be created using this number.