Chapter 10 | Access Control Lists
IPv4 ACLs
– 326 –
access-list ip
This command adds an IP access list and enters configuration mode for standard or extended IPv4 ACLs. Use the no form to remove the specified ACL.
Syntax
[no] access-list ip {standard | extended} acl-name
standard – Specifies an ACL that filters packets based on the source IP address.
extended – Specifies an ACL that filters packets based on the source or destination IP address, and other more specific criteria.
acl-name – Name of the ACL. (Maximum length: 32 characters)
Default Setting
None
Command Mode
Global Configuration
Command Usage
◆ When you create a new ACL or enter configuration mode for an existing ACL, use the permit or deny command to add new rules to the bottom of the list.
◆ To remove a rule, use the no permit or no deny command followed by the exact text of a previously configured rule.
◆ An ACL can contain up to 1K rules.
Example
Console(config)#access-list ip standard david
Console(config-std-acl)#
Related Commands
permit, deny (326)
show ip access-list (331)
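The following is an added example, not part of the original manual or the vendor's software: a small Python pre-deployment check that replays an ACL change script and flags the cases the Command Usage notes imply, namely a no permit / no deny line whose text matches no configured rule, an ACL name over 32 characters, and a rule added beyond the limit. It assumes "1K" means 1024, treats runs of whitespace as equivalent when comparing rule text, and uses a hypothetical function name and constructed sample addresses.

```python
import re

MAX_NAME_LEN = 32   # from the manual: acl-name maximum length
MAX_RULES = 1024    # assumption: the manual's "1K rules" read as 1024

HEADER = re.compile(r"^(no\s+)?access-list\s+ip\s+(standard|extended)\s+(\S+)$")
RULE = re.compile(r"^(no\s+)?((?:permit|deny)\b.*)$")

def lint_acl_script(lines):
    """Replay a config script; return (acls, findings) with 1-based line numbers."""
    acls, findings, current = {}, [], None
    for n, raw in enumerate(lines, 1):
        line = " ".join(raw.split())   # collapse whitespace (assumption)
        if not line:
            continue
        m = HEADER.match(line)
        if m:
            negate, _kind, name = m.groups()
            if len(name) > MAX_NAME_LEN:
                findings.append((n, f"ACL name longer than {MAX_NAME_LEN} characters"))
            if negate:
                acls.pop(name, None)   # the "no" form removes the ACL
                current = None
            else:
                current = acls.setdefault(name, [])   # create or re-enter the ACL
            continue
        m = RULE.match(line)
        if m and current is not None:
            negate, rule = m.groups()
            if negate:
                if rule in current:
                    current.remove(rule)
                else:   # removal needs the exact text of an existing rule
                    findings.append((n, f"no matching rule to remove: {rule!r}"))
            elif len(current) >= MAX_RULES:
                findings.append((n, f"ACL already holds {MAX_RULES} rules"))
            else:
                current.append(rule)   # new rules go to the bottom of the list
            continue
        findings.append((n, f"unrecognised or out-of-context line: {line!r}"))
    return acls, findings

# Constructed sample script (addresses from documentation ranges).
SAMPLE = [
    "access-list ip standard david",
    "permit host 192.0.2.10",
    "deny host 192.0.2.66",
    "no permit host 192.0.2.1",   # typo: matches no configured rule
    "permit any",
]
```

Running lint_acl_script(SAMPLE) reports line 4, where the intended removal would leave the original permit rule in place.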
permit, deny (Standard IP ACL)
This command adds a rule to a Standard IPv4 ACL. The rule sets a filter condition for packets emanating from the specified source. Use the no form to remove a rule.
Syntax
{permit | deny} {any | source bitmask | host source} [time-range time-range-name]
no {permit | deny} {any | source bitmask | host source}
any – Any source IP address.
source – Source IP address.