288
Default: No access-list configured.
Examples: Create the extended access-list, deny icmp packet to pass, and permit udp
packet with destination address 192. 168. 0. 1 and destination port 32 to pass.
Switch(config)# access-list ip extended udpFlow
Switch(Config-IP-Ext-Nacl-udpFlow)#deny igmp any any-destination
Switch(Config-IP-Ext-Nacl-udpFlow)#permit udp any host-destination 192.168.0.1 d-port
32
27.19 permit | deny(ip standard)
Command: {deny | permit} {{<sIpAddr> <sMask>} | any-source | {host-source
<sIpAddr>}}
no {deny | permit} {{<sIpAddr> <sMask>} | any-source | {host-source
<sIpAddr>}}
Functions: Create a name standard IP access rule, and ―no {deny | permit}
{{<sIpAddr> <sMask>} | any-source | {host-source <sIpAddr>}}‖ action of this
command deletes this name standard IP access rule.
Parameters: <sIpAddr> is the source IP address, the format is dotted decimal notation;
<sMask > is the reverse mask of source IP, the format is dotted decimal notation.
Command Mode: Name standard IP access-list configuration mode
Default: No access-list configured.
Example: Permit packets with source address 10.1.1.0/24 to pass, and deny other
packets with source address 10.1.1.0/16.
Switch(config)# access-list ip standard ipFlow
Switch(Config-Std-Nacl-ipFlow)# permit 10.1.1.0 0.0.0.255
Switch(Config-Std-Nacl-ipFlow)# deny 10.1.1.0 0.0.255.255
27.20 permit | deny(ipv6 standard)
Command: [no] {deny | permit} {{<sIPv6Prefix/sPrefixlen>} | any-source |
{host-source <sIPv6Addr>}}
Function: Create a standard nomenclature IPv6 access control rule; the ―no‖ form of this
command deletes the nomenclature standard IPv6 access control rule.
Parameter: <sIPv6Prefix> is the prefix of the source IPv6 address, <sPrefixlen> is the
To Next Page
Loading...
