Command Reference    ACL Commands 
 
ACL Commands 
access-list 
 
Use this command to create an access list rule to filter data packets. The no form of this command 
deletes the specified access list entries. 
  1)  Standard IP access list (1 to 99, 1300 to 1999) 
 
access-list id { deny | permit } { source source-wildcard | host source | any | interface idx }
[ time-range tm-range-name ] [ log ]
  2)  Extended IP access list (100 to 199, 2000 to 2699)

access-list id { deny | permit } protocol { source source-wildcard | host source | any | interface idx }
{ destination destination-wildcard | host destination | any } [ precedence precedence ] [ tos tos ]
[ fragment ] [ range lower upper ] [ time-range time-range-name ] [ log ]
  3)  Extended MAC access list (700 to 799) 
 
access-list id { deny | permit } { any | host source-mac-address } { any | host
destination-mac-address } [ ethernet-type ] [ cos [ out ] [ inner in ] ]
  4)  Extended expert access list (2700 to 2899) 
 
access-list id { deny | permit } [ protocol | [ ethernet-type ] [ cos [ out ] [ inner in ] ] ] [ VID [ out ]
[ inner in ] ] { source source-wildcard | host source | any } { host source-mac-address | any }
{ destination destination-wildcard | host destination | any } { host destination-mac-address | any } ]
[ precedence precedence ] [ tos tos ] [ fragment ] [ time-range time-range-name ]
    When you select the Ethernet-type field or cos field: 
 
access-list id { deny | permit } { ethernet-type | cos [ out ] [ inner in ] } [ VID [ out ] [ inner in ] ]
{ source source-wildcard | host source | any } { host source-mac-address | any } { destination
destination-wildcard | host destination | any } { host destination-mac-address | any } [ time-range
time-range-name ]
    When you select the protocol field: 
 
access-list id { deny | permit } protocol [ VID [ out ] [ inner in ] ] { source source-wildcard | host source |
any } { host source-mac-address | any } { destination destination-wildcard | host destination | any }
{ host destination-mac-address | any } [ precedence precedence ] [ tos tos ] [ fragment ] [ range
lower upper ] [ time-range time-range-name ]
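
The following is an added example, not part of the vendor reference: a small Python linter that maps an access-list id to its list type using the ranges above and checks that standard and extended IP rules have the address fields their syntax requires. The names acl_type, take_addr, lint and SAMPLE are hypothetical; MAC and expert rules are only classified, and option keywords after the address fields are not validated.

```python
import ipaddress

# ID ranges copied from the access-list reference above.
ACL_TYPES = [("standard-ip", 1, 99), ("standard-ip", 1300, 1999),
             ("extended-ip", 100, 199), ("extended-ip", 2000, 2699),
             ("extended-mac", 700, 799), ("extended-expert", 2700, 2899)]

def acl_type(acl_id):
    """Map a numeric ACL id to its documented list type, or None."""
    return next((n for n, lo, hi in ACL_TYPES if lo <= acl_id <= hi), None)

def take_addr(tokens, allow_interface=False):
    """Consume one IP address spec and return the remaining tokens."""
    if tokens[:1] == ["any"]:
        return tokens[1:]
    if len(tokens) < 2:
        raise ValueError("missing or incomplete address spec")
    if tokens[0] == "interface" and allow_interface:
        return tokens[2:]  # idx format is not given on the page; not checked
    if tokens[0] != "host":
        ipaddress.IPv4Address(tokens[0])  # source / destination address
    ipaddress.IPv4Address(tokens[1])      # host address or wildcard
    return tokens[2:]

def lint(line):
    """Return (acl_type, problem) for one rule; problem is None if it fits."""
    t = line.split()
    if len(t) < 3 or t[0] != "access-list" or not t[1].isdigit():
        return None, "not an access-list rule"
    kind = acl_type(int(t[1]))
    if kind is None:
        return None, "id outside every documented range"
    if t[2] not in ("deny", "permit"):
        return kind, "action must be deny or permit"
    try:
        if kind == "standard-ip":
            rest = take_addr(t[3:], allow_interface=True)
            if rest and rest[0] not in ("time-range", "log"):
                return kind, "standard rule takes a source only"
        elif kind == "extended-ip":  # t[3] is the protocol field
            take_addr(take_addr(t[4:], allow_interface=True))
    except ValueError as exc:
        return kind, str(exc)
    return kind, None

# Constructed sample rules (not from the page).
SAMPLE = ["access-list 10 permit 10.1.0.0 0.0.255.255 log",
          "access-list 10 permit 10.1.0.0 0.0.255.255 any",
          "access-list 150 deny tcp any host 10.9.9.9"]
if __name__ == "__main__": print(*map(lint, SAMPLE), sep="\n")
```

The second sample rule is flagged because a destination field is only valid with an id from an extended range.
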
    Extended expert ACLs of some important protocols: 
 
Internet Control Message Protocol (ICMP) 
 
access-list id { deny | permit } icmp [ VID [ out ] [ inner in ] ] { source source-wildcard | host source
| any } { host source-mac-address | any } { destination destination-wildcard | host destination | any }
{ host destination-mac-address | any } [ icmp-type ] [ [ icmp-type [ icmp-code ] ] | [ icmp-message ] ]
[ precedence precedence ] [ tos tos ] [ fragment ] [ time-range time-range-name ]
 
Transmission Control Protocol (TCP) 
 
access-list id { deny | permit } tcp [ VID [ out ] [ inner in ] ] { source source-wildcard | host source | any }
{ host source-mac-address | any } [ operator port [ port ] ] { destination destination-wildcard | host
destination | any } { host destination-mac-address | any } [ operator port [ port ] ] [ precedence
precedence ] [ tos tos ] [ fragment ] [ range lower upper ] [ time-range time-range-name ] [ match-all