To Next Page

To Previous Page

ACL Configuring

123

Table 18-6 Detailed parameters of extended ACL as below: Table 18-6

Parameters

Function

Remark

protocol

IP protocol type

carried

A number in the range of 1 to 255

Represented by name, you can select

GRE, ICMP, IGMP, IPinIP, OSPF, TCP,

UDP

{ sour-address

ACL rules specified

the source address

information

sour-address sour-wildcard used to

determine the packet's source IP

address. Dotted decimal notation;

sour-wildcard|any }

sour-wildcard of 0 means that the host

address

any source address.

{ dest-addr

The purpose of ACL

rules specified

address information

dest-addr dest-wildcard used to

determine the packet destination

address, in dotted decimal notation;

dest-wildcard is 0, the host address

dest-wildcard| any}

Any is any destination address.

port

TCP / UDP port

number

——

precedence precedence

priority precedence

message

IP precedence values range from 0 to 7

tos tos

tos priority packets

ToS priority ranges from 0 to 15

dscp dscp

DSCP priority

Rule applies only to non-first fragment

packet effective

Level ranges from 0

to 63

fragment

fragmentation

information

time-range name

Create a time range

——

18.4.2 Configuration Procedure

!Create extended ACL based on digital identification to deny the FTP packets with source

address 10.0.0.1 .

Switch#configure terminal

Switch(config)#access-list 100 deny tcp 10.0.0.1 0 ftp any

!Create extended ACL based on name identification to deny the FTP packets with source

address 10.0.0.1.

Switch#configure terminal

Switch (config)#access-list extended extacl

Switch(config-ext-nacl-extacl)#deny tcp 10.0.0.2 0 ftp any

Brand	FoxGate
Model	S6424-S2C2 series
Category	Switch
Language	English

FoxGate S6424-S2C2 series User Manual

Table of Contents

Questions and Answers:

FoxGate S6424-S2C2 series Specifications

Related product manuals