Command Reference ACL Commands
Usage Guide
Use show access-lists to display the ACL configurations.
Configuration Examples
Create an extended expert ACL by name:
Ruijie(config)# expert access-list extended exp-acl
Ruijie(config-exp-nacl)# show access-lists
expert access-list extended exp-acl
Ruijie(config-exp-nacl)#
Create an extended expert ACL by number:
Ruijie(config)# expert access-list extended 2704
Ruijie(config-exp-nacl)# show access-lists
access-list extended 2704
Ruijie(config-exp-nacl)#
Related Commands
Command              Description
show access-lists    Show the extended expert ACLs
Platform Description
The expert ACL is not supported by routers.
ip access-group
Use this command to apply a specific ACL to an interface. Use the no form of this command to remove the ACL from the interface.
ip access-group {id | name} {in | out} [unreflect | reflect]
no ip access-group {id | name} {in | out}
Parameter Description
Parameter    Description
id           ID of the IP ACL (1 to 199, 1300 to 2699)
name         Name of the IP ACL
in           Filter the incoming packets of the interface.
out          Filter the outgoing packets of the interface.
unreflect    Disable the reflexive ACL. Working principle of the reflexive ACL:
             a. The router automatically generates a temporary access list
             based on the layer-3 and layer-4 information of the original
             traffic from the intranet. The temporary access list is created
             according to the following rules: the protocol is unchanged, the
             source IP and destination IP are strictly exchanged with each
             other, and the source port and destination port are strictly
             exchanged with each other.
             b. The router permits a returned flow to enter the intranet only
             when its layer-3 and layer-4 information strictly matches the
             temporary access list created from the outbound traffic.
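The matching rule described for the reflexive ACL, modelled in Python as an added example (not Ruijie code or device output). The type and function names and the sample packets are constructed for illustration, and ageing of temporary entries is not modelled.

```python
from typing import NamedTuple


class Flow(NamedTuple):
    """Layer-3/layer-4 identity of a packet (hypothetical model type)."""
    proto: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


def mirror(flow: Flow) -> Flow:
    """Temporary entry: protocol unchanged, IPs swapped, ports swapped."""
    return Flow(flow.proto, flow.dst_ip, flow.dst_port, flow.src_ip, flow.src_port)


class ReflexiveTable:
    """Temporary access list built from outbound intranet traffic."""

    def __init__(self) -> None:
        self.entries = set()

    def record_outbound(self, flow: Flow) -> None:
        self.entries.add(mirror(flow))

    def permits_inbound(self, flow: Flow) -> bool:
        # Strict match: every layer-3 and layer-4 field must equal an entry.
        return flow in self.entries


def evaluate() -> dict:
    """Run constructed sample packets through the model."""
    table = ReflexiveTable()
    table.record_outbound(Flow("tcp", "192.168.1.10", 51000, "203.0.113.5", 443))
    inbound = {
        "reply": Flow("tcp", "203.0.113.5", 443, "192.168.1.10", 51000),
        "other source port": Flow("tcp", "203.0.113.5", 8443, "192.168.1.10", 51000),
        "other protocol": Flow("udp", "203.0.113.5", 443, "192.168.1.10", 51000),
        "other host": Flow("tcp", "198.51.100.7", 443, "192.168.1.10", 51000),
        "not swapped": Flow("tcp", "192.168.1.10", 51000, "203.0.113.5", 443),
    }
    return {name: table.permits_inbound(pkt) for name, pkt in inbound.items()}


if __name__ == "__main__":
    for name, allowed in evaluate().items():
        print(f"{name:18} {'permit' if allowed else 'deny'}")
```

Only the packet whose protocol, addresses and ports are the exact mirror of the recorded outbound flow is permitted; changing any single field causes a deny.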