157
255.255.255.0, the time-range for the rule to take effect is “tRange1”, and the
packets match this rule will be forwarded by the switch:
TL-SG5428(config)# access-list create 120
TL-SG5428(config)# access-list standard 120 rule 10 permit sip
192.168.0.100 smask 255.255.255.0 tseg tRange1
access-list extended
Description
The access-list extended command is used to add Extended-IP ACL rule. To
delete the corresponding rule, please use no access-list extended command.
Syntax
access-list extended acl-id rule rule-id { deny | permit } [ sip source-ip
smask source-ip-mask ] [ dip destination-ip dmask destination-ip-mask ] [ tseg
time-segment ] [ dscp dscp ] [ s-port s-port ] [ d-port d-port ] [ tcpflag tcpflag ]
[ protocol protocol ]
no access-list extended acl-id rule rule-id
Parameter
acl-id——The desired Extended-IP ACL for configuration.
rule-id —— The rule ID.
deny —— The operation to discard packets.
permit ——The operation to forward packets. It is the default value.
source-ip —— The source IP address contained in the rule.
source-ip-mask —— The source IP address mask. It is required if you typed
the source IP address.
destination-ip —— The destination IP address contained in the rule.
destination-ip-mask —— The destination IP address mask. It is required if you
typed the destination IP address.
time-segment —— The time-range for the rule to take effect. By default, it is
not limited.
dscp —— Specify the dscp value, ranging from 0 to 63.
s-port —— The source port number.
d-port —— The destination port number.
tcpflag —— Specify the flag value when using TCP protocol.
protocol —— Configure the value of the matching protocol.
To Next Page
Loading...
Need help?
General