D-Link DGS-1510 Series

To Next Page

To Previous Page

DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide

4-17 permit | deny (expert access-list)

This command is used to add a permit or deny entry. Use the no form of this command to remove an

entry.

Extended Expert ACL:

[SEQUENCE-NUMBER] {permit | deny} PROTOCOL {SRC-IP-ADDR SRC-IP-WILDCARD | host

SRC-IP-ADDR | any} {SRC-MAC-ADDR SRC-MAC-WILDCARD | host SRC-MAC-ADDR | any}

{DST-IP-ADDR DST-IP-WILDCARD | host DST-IP-ADDR | any} {DST-MAC-ADDR DST-MAC-

WILDCARD | host DST-MAC-ADDR | any} [cos OTER-COS] [vlan OUTER-VLAN] [fragments]

[[precedence PRECEDENCE] [tos TOS] | dscp DSCP] [time-range PROFILE-NAME]

[SEQUENCE-NUMBER] {permit | deny} tcp {SRC-IP-ADDR SRC-IP-WILDCARD | host SRC-IP-

ADDR | any} {SRC-MAC-ADDR SRC-MAC-WILDCARD | host SRC-MAC-ADDR | any} [{eq | lt |

gt | neq} PORT | range MIN-PORT MAX-PORT] {DST-IP-ADDR DST-IP-WILDCARD | host DST-

IP-ADDR | any} {DST-MAC-ADDR DST-MAC-WILDCARD | host DST-MAC-ADDR | any} [{eq | lt

| gt | neq} PORT | range MIN-PORT MAX-PORT] [TCP-FLAG] [cos OUTER-COS] [vlan

OUTER-VLAN] [[precedence PRECEDENCE] [tos TOS] | dscp DSCP] [time-range PROFILE-

NAME]

[SEQUENCE-NUMBER] {permit | deny} udp {SRC-IP-ADDR SRC-IP-WILDCARD | host SRC-

IP-ADDR | any} {SRC-MAC-ADDR SRC-MAC-WILDCARD | host SRC-MAC-ADDR | any} [{eq |

lt | gt | neq} PORT | range MIN-PORT MAX-PORT] {DST-IP-ADDR DST-IP-WILDCARD | host

DST-IP-ADDR | any} {DST-MAC-ADDR DST-MAC-WILDCARD | host DST-MAC-ADDR | any}

[{eq | lt | gt | neq} PORT | range MIN-PORT MAX-PORT] [cos OUTER-COS] [vlan OUTER-

VLAN] [[precedence PRECEDENCE] [tos TOS] | dscp DSCP] [time-range PROFILE-NAME]

[SEQUENCE-NUMBER] {permit | deny} icmp {SRC-IP-ADDR SRC-IP-WILDCARD | host SRC-

IP-ADDR | any} {SRC-MAC-ADDR SRC-MAC-WILDCARD | host SRC-MAC-ADDR | any} {DST-

IP-ADDR DST-IP-WILDCARD | host DST-IP-ADDR | any} {DST-MAC-ADDR DST-MAC-

WILDCARD | host DST-MAC-ADDR | any} [ICMP-TYPE [ICMP-CODE] | ICMP-MESSAGE] [cos

OUTER-COS] [vlan OUTER-VLAN] [[precedence PRECEDENCE] [tos TOS] | dscp DSCP]

[time-range PROFILE-NAME]

no SEQUENCE-NUMBER

Parameters

SEQUENCE-NUMBER

Specifies the sequence number. The range is from 1 to 65535. The

lower the number is, the higher the priority of the permit/deny rule.

cos OUTER-COS

(Optional) Specifies the outer priority value. This value must be

between 0 and 7.

vlan OUTER-VLAN

(Optional) Specifies the outer VLAN ID.

any

Specifies to use any source MAC address, any destination MAC

address, any source IP address, or any destination IP address.

host SRC-MAC-ADDR

Specifies a specific source host MAC address.

SRC-MAC-ADDR SRC-MAC-

WILDCARD

Specifies a group of source MAC addresses by using a wildcard

bitmap. The bit corresponding to the bit value 1 will be ignored. The

bit corresponding to bit value 0 will be checked.

host DST-MAC-ADDR

Specifies a specific destination host MAC address.

DST-MAC-ADDR DST-MAC-

WILDCARD

Specifies a group of destination MAC addresses by using a wildcard

bitmap. The bit corresponding to the bit value 1 will be ignored. The

bit corresponding to the bit value 0 will be checked.

PROTOCOL

(Optional) Specifies the IP protocol ID. Enter the following

keywords: eigrp, esp, gre, igmp, ospf, pim, vrrp, pcp, and ipinip.

host SRC-IP-ADDR

Specifies a specific source host IP address.

SRC-IP-ADDR SRC-IP-

Specifies a group of source IP addresses by using a wildcard

Main Page

D-Link DGS-1510 Series - Page 54

Table of Contents

Other manuals for D-Link DGS-1510 Series

Related product manuals