CLI Reference Guide    ACL Configuration Commands 
 
upper] [time-range time-range-name] 
Extended expert ACLs of some important protocols: 
Internet Control Message Protocol (ICMP) 
access-list id {deny | permit} icmp [VID [out][inner in]] {source source-wildcard | host source | any} 
{host source-mac-address | any } {destination destination-wildcard | host destination | any} {host 
destination-mac-address | any} [ icmp-type ] [ [ icmp-type [icmp-code ] ] | [ icmp-message ] ] 
[precedence precedence] [tos tos] [fragment] [time-range time-range-name] 
Transmission Control Protocol (TCP) 
access-list id {deny | permit} tcp [VID [out][inner in]] {source source-wildcard | host source | any} 
{host source-mac-address | any } [operator port [port] ] {destination destination-wildcard | host 
destination | any} {host destination-mac-address | any} [operator port [port] ] [precedence 
precedence] [tos tos] [fragment] [range lower upper] [time-range time-range-name] [ match-all 
tcp-flag | established ] 
User Datagram Protocol (UDP) 
access-list id {deny | permit} udp [VID [out][inner in]] {source source-wildcard | host source | any} 
{host source-mac-address | any } [ operator port [port] ] {destination destination-wildcard | host 
destination | any} {host destination-mac-address | any} [operator port [port] ] [precedence 
precedence] [tos tos] [fragment] [range lower upper] [time-range time-range-name] 
access-list id list-remark text 
Access list ID. The ranges available are 1 to 99, 100 to 199, 1300 to 
1999, 2000 to 2699, 2700 to 2899, and 700 to 799.   
If not matched, access is denied. 
If matched, access is permitted. 
Specify the source IP address (host address or network address). 
It can be discontinuous, for example, 0.255.0.32. 
IP protocol number. It can be one of EIGRP, GRE, IPINIP, IGMP, 
NOS, OSPF, ICMP, UDP, TCP, and IP. It can also be a number 
representing the IP protocol between 0 and 255. The important 
protocols such as ICMP, TCP, and UDP are described separately.   
Specify the destination IP address (host address or network 
address). 
Wildcard of the destination IP address. It can be discontinuous, for 
example, 0.255.0.32.   
Packet fragment filtering 
Specify the packet priority. 
Packet precedence value (0 to 7) 
Layer 4 port number range of the packet. 
Lower limit of the Layer 4 port number. 
Upper limit of the Layer 4 port number. 
Time range of packet filtering 
Time range name of packet filtering
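
The wildcard descriptions above note that a wildcard can be discontinuous (for example, 0.255.0.32). The following is an added example, not part of this guide, that shows which addresses such a wildcard admits when an ACL entry is reviewed. It assumes the usual inverse-mask convention (a 1 bit in the wildcard means "ignore this bit"); the base address 10.0.1.1 and all function names are constructed for illustration.

```python
import ipaddress

MASK32 = 0xFFFFFFFF

def _to_int(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))

def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """True if addr equals base on every bit the wildcard does not ignore."""
    care = ~_to_int(wildcard) & MASK32  # 0 bits in the wildcard must match
    return (_to_int(addr) & care) == (_to_int(base) & care)

def match_count(wildcard: str) -> int:
    """Number of addresses one entry admits: 2 ** (ignored bits)."""
    return 1 << bin(_to_int(wildcard)).count("1")

def is_contiguous(wildcard: str) -> bool:
    """True if the wildcard is a plain inverse subnet mask (0...01...1)."""
    w = _to_int(wildcard)
    return (w & (w + 1)) == 0

def enumerate_matches(base: str, wildcard: str, limit: int = 16) -> list:
    """List matched addresses in ascending order, up to `limit` entries."""
    w = _to_int(wildcard)
    fixed = _to_int(base) & ~w & MASK32
    out, sub = [], 0
    while True:
        out.append(str(ipaddress.IPv4Address(fixed | sub)))
        if sub == w or len(out) >= limit:
            return out
        sub = (sub - w) & w  # next subset of the ignored bits

if __name__ == "__main__":
    base, wc = "10.0.1.1", "0.255.0.32"  # constructed base, wildcard from the text
    print("contiguous:", is_contiguous(wc))
    print("addresses admitted:", match_count(wc))
    print("first matches:", enumerate_matches(base, wc, 4))
    for probe in ("10.200.1.33", "10.200.1.2", "10.200.2.1"):
        print(probe, "->", wildcard_match(probe, base, wc))
```

A discontinuous wildcard does not describe a single subnet, so checking the admitted set this way helps confirm that a permit entry is no broader than intended.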