A
CCESS
C
ONTROL
L
IST
C
OMMANDS
3-175
Example
This example configures one permit rule for the specific address 10.1.1.21
and another rule for the address range 168.92.16.x – 168.92.31.x using a
bitmask.
Related Commands
access-list ip (3-174)
permit, deny (Extended ACL)
Use this command to add a rule to an Extended IP ACL. The rule sets a
filter condition for packets with specific source and destination IP
addresses, protocol types, source and destination TCP/UDP ports, or
TCP control codes. Use the no form to remove a rule.
Syntax
{permit | deny} {any | source bitmask | host source}
{any | destination bitmask | host destination} [protocol
protocol-number]
no {permit | deny} {any | source bitmask | host source}
{any | destination bitmask | host destination} [protocol
protocol-number]
{permit | deny} {tcp} {any | source bitmask | host source}
{any | destination bitmask | host destination}
[source-port source-port] [destination-port destination-port]
[control-flag control-flag flag-bitmask]
no {permit | deny} {tcp} {any | source bitmask | host source}
{any | destination bitmask | host destination}
[source-port source-port] [destination-port destination-port]
[control-flag control-flag flag-bitmask]
{permit | deny} {udp} {any | source bitmask | host source}
{any | destination bitmask | host destination}
[source-port source-port] [destination-port destination-port]
Console(config-std-acl)#permit host 10.1.1.21
Console(config-std-acl)#permit 168.92.16.0 255.255.240.0
Console(config-std-acl)#
To Next Page
Loading...
