Command Reference ACL Commands
tcp-flag | established ]
User Datagram Protocol (UDP)
access-list id {deny | permit} udp [VID [out] [inner in]] {source source-wildcard | host source | any} {host source-mac-address | any} [operator port [port]] {destination destination-wildcard | host destination | any} {host destination-mac-address | any} [operator port [port]] [precedence precedence] [tos tos] [fragment] [range lower upper] [time-range time-range-name]
5) List remark
access-list id list-remark text
| Parameter | Description |
|---|---|
| id | Access list ID. The ranges available are 1 to 99, 100 to 199, 1300 to 1999, 2000 to 2699, 2700 to 2899, and 700 to 799. |
| deny | If not matched, access is denied. |
| permit | If matched, access is permitted. |
| source | Specify the source IP address (host address or network address). |
| source-wildcard | Wildcard of the source IP address. It can be discontinuous, for example, 0.255.0.32. |
| protocol | IP protocol number. It can be one of EIGRP, GRE, IPINIP, IGMP, NOS, OSPF, ICMP, UDP, TCP, and IP. It can also be a number between 0 and 255 representing the IP protocol. The important protocols such as ICMP, TCP, and UDP are described separately. |
| destination | Specify the destination IP address (host address or network address). |
| destination-wildcard | Wildcard of the destination IP address. It can be discontinuous, for example, 0.255.0.32. |
| fragment | Packet fragment filtering. |
| precedence | Specify the packet priority. |
| precedence | Packet precedence value (0 to 7). |
| range | Layer 4 port number range of the packet. |
| lower | Lower limit of the Layer 4 port number. |
| upper | Upper limit of the Layer 4 port number. |
| time-range | Time range of packet filtering. |
| time-range-name | Time range name of packet filtering. |
| tos | Specify type of service. |
| tos | ToS value (0 to 15). |
| icmp-type | ICMP message type (0 to 255). |
| icmp-code | ICMP message type code (0 to 255). |
| icmp-message | ICMP message type name. |
| operator | Operator (lt: less than, eq: equal, gt: greater than, neq: not equal, range: range). |
| port [ port ] | Port number. The range operator needs two port numbers, while the other operators need only one. |
| host source-mac-address | Source physical address. |
| host destination-mac-address | Destination physical address. |
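
The source-wildcard and operator parameters above, as an added example (not from the original reference or the vendor): a Python matcher that shows which addresses a discontinuous wildcard such as 0.255.0.32 actually covers, which is useful when auditing ACL entries. It assumes the usual inverse-mask semantics (wildcard bits set to 1 are ignored) and an inclusive range; the function names and the ENTRY layout are hypothetical.

```python
import ipaddress

def _u32(dotted):
    return int(ipaddress.IPv4Address(dotted))

def wildcard_match(addr, base, wildcard):
    """Assumed inverse-mask semantics: wildcard bits set to 1 are ignored."""
    care = ~_u32(wildcard) & 0xFFFFFFFF
    return (_u32(addr) & care) == (_u32(base) & care)

def matched_count(wildcard):
    """How many distinct addresses one address/wildcard pair covers."""
    return 1 << bin(_u32(wildcard)).count("1")

def port_match(port, operator, *operands):
    """Evaluate 'operator port [port]'; only range takes two ports."""
    if operator == "range":
        lower, upper = operands
        return lower <= port <= upper  # assumed inclusive on both ends
    (value,) = operands
    checks = {"lt": port < value, "eq": port == value,
              "gt": port > value, "neq": port != value}
    if operator not in checks:
        raise ValueError(f"unknown operator: {operator}")
    return checks[operator]

def udp_entry_match(entry, src, dst, dport):
    """Match a packet against one parsed UDP entry (hypothetical dict layout)."""
    return (wildcard_match(src, *entry["source"])
            and wildcard_match(dst, *entry["destination"])
            and port_match(dport, *entry["dst_port"]))

# Constructed entry: source 10.0.1.0 0.255.0.32, destination any, port eq 53
ENTRY = {"source": ("10.0.1.0", "0.255.0.32"),
         "destination": ("0.0.0.0", "255.255.255.255"),
         "dst_port": ("eq", 53)}

if __name__ == "__main__":
    for src in ("10.0.1.0", "10.77.1.32", "10.77.1.33", "10.77.2.0"):
        print(src, udp_entry_match(ENTRY, src, "192.0.2.10", 53))
    print("addresses covered:", matched_count("0.255.0.32"))
```

The wildcard 0.255.0.32 leaves nine bits free, so a single entry covers 512 scattered addresses rather than one contiguous subnet.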