Command Line Interface
694 1553-KDU 137 365 Uen D 2006-06-16
the address for each IP packet entering the port(s) to which this ACL
has been assigned.
Example
This example configures one permit rule for the specific address 10.1.1.21 and
another rule for the address range 168.92.16.x – 168.92.31.x using a bitmask.
Related Commands
access-list ip (section 7.8.1 on page 692)
7.8.3 permit, deny (Extended ACL)
This command adds a rule to an Extended IP ACL. The rule sets a filter condition
for packets with specific source or destination IP addresses, protocol types,
source or destination protocol ports, or TCP control codes. Use the no form to
remove a rule.
Syntax
[no] {permit | deny} [<protocol-number> | udp]
{any | <source> <address-bitmask> | host <source>}
{any | <destination> <address-bitmask> |
host <destination>} [precedence <precedence>]
[tos <tos>] [dscp <dscp>] [source-port <sport>
[bitmask]] [destination-port <dport> [port-
bitmask]]
[no] {permit | deny} tcp
{any | <source> <address-bitmask> | host <source>}
{any | <destination> <address-bitmask> |
host <destination>} [precedence <precedence>]
[tos <tos>] [dscp <dscp>] [source-port <sport>
[bitmask]] [destination-port <dport> [port-
bitmask]] [control-flag <control-flags> <flag-
bitmask>]
Console(config-std-acl)#permit host 10.1.1.21
Console(config-std-acl)#permit 168.92.16.0 255.255.240.0
Console(config-std-acl)#
To Next Page
Loading...
