19 permit | deny(ip standard), 20 permit | deny(ipv6 extended), Permit – PLANET XGS3-24042 User Manual

47-20

47.19 permit | deny(ip standard)

Command:

{deny | permit} {{<sIpAddr> <sMask>} | any-source | {host-source <sIpAddr>}}

no {deny | permit} {{<sIpAddr> <sMask>} | any-source | {host-source <sIpAddr>}}

Functions:

Create a name standard IP access rule, and “no {deny | permit} {{<sIpAddr> <sMask>} |

any-source | {host-source <sIpAddr>}}” action of this command deletes this name standard IP

access rule.

Parameters:

<sIpAddr> is the source IP address, the format is dotted decimal notation; <sMask > is the reverse

mask of source IP, the format is dotted decimal notation.

Command Mode:

Name standard IP access-list configuration mode

Default:

No access-list configured.

Example:

Permit packets with source address 10.1.1.0/24 to pass, and deny other packets with source

address 10.1.1.0/16.

Switch(config)# access-list ip standard ipFlow

Switch(Config-Std-Nacl-ipFlow)# permit 10.1.1.0 0.0.0.255

Switch(Config-Std-Nacl-ipFlow)# deny 10.1.1.0 0.0.255.255

47.20 permit | deny(ipv6 extended)

Command:

[no] {deny | permit} icmp {{<sIPv6Prefix/sPrefixlen>} | any-source | {host-source

<sIPv6Addr>}} {<dIPv6Prefix/dPrefixlen> | any-destination | {host-destination <dIPv6Addr>}}

[<icmp-type> [<icmp-code>]] [dscp <dscp>] [flow-label <fl>][time-range <time-range-name>]

[no] {deny | permit} tcp { <sIPv6Prefix/sPrefixlen> | any-source | {host-source <sIPv6Addr> }}

[s-port { <sPort> | range <sPortMin> <sPortMax> }] { <dIPv6Prefix/dPrefixlen> |

any-destination | {host-destination <dIPv6Addr> }} [d-port { <dPort> | range <dPortMin>

<dPortMax> }] [syn | ack | urg | rst | fin | psh] [dscp <dscp> ] [flow-label <fl> ][time-range

<time-range-name> ]