14-15
14.1.8 permit
Extended ACL Config Commands
Use this command to permit specific packets.
Syntax
permit {ip} {source/source-mask | host source | any} {destination/destination-
mask | host destination | any} [log] [rule-precedence access-list-entry
precedence]
permit {icmp} {source/source-mask | host source | any} {destination/ destination-
mask | host destination | any} [icmp-type | [icmp-type icmp-code]] [log] [rule-
precedence access-list-entry precedence]
permit{tcp|udp} {source/source-mask | host source | any} [operator source-port]
{destination/destination-mask | host destination | any} [operator destination-
port] [log] [rule-precedence access-list-entry precedence]
Parameters
NOTE ACLs do not allow DHCP messages to flow by default. Configure an Access
Control Entry (ACE) to allow DHCP messages to flow through.
RFS7000(config-ext-nacl)#permit ip 192.168.1.0/24 192.168.2.0/24
RFS7000(config-ext-nacl)#permit ip any host 255.255.255.255
RFS7000(config-ext-nacl)#
permit {ip}
{source/source-mask |
host source | any}
{destination/destination-
mask | host destination |
any}
[log]
[rule-precedence access-
list-entry precedence]
Use the permit command to allow IP packets.
• permit – The keyword specifies permit action on an ACL.
•{ip} – Specify IP (to match any protocol).
• {source/source-mask | host source | any} – source is the source IP
address of the network or host in dotted decimal. Source-mask is the
network mask. For example, 10.1.1.10/24 indicates the first 24 bits of the
source IP are used for matching.
• any is an abbreviation for source IP of 0.0.0.0 and source-mask bits
equal to 0.
• host is an abbreviation for exact source (A.B.C.D) and source-mask
bits equal to 32.
• {destination/destination-mask | host destination | any} – The destination
host IP address or destination network address.
• [log] – Generates log messages when the packet coming from the
interface matches the ACL entry. Log messages are generated only for
router ACLs.
• [rule-precedence access-list-entry precedence] – Integer value between 1-
5000. This value sets the rule precedence in the ACL.
To Next Page
Loading...
