268
EES4710BD 10 Slots L2/L3/L4 Chassis Switch
access list <num> {deny | permit}
{{<sIpAddr> <sMask>} | any-source |
{host-source <sIpAddr>}}
no access list <num>
Creates a numbered standard IP access list, if the
access list already exists, then a rule will add to
the current access list; the “no access list
<num>” command deletes a numbered standard
IP access list.
(2) Configuring a numbered extensive IP access list
Command Explanation
Global Mode
access list <num> {deny | permit} icmp {{<sIpAddr>
<sMask>} | any-source | {host-source <sIpAddr>}}
{{<dIpAddr> <dMask>} | any-destination |
{host-destination <dIpAddr>}} [<icmp-type>
[<icmp-code>]] [precedence <prec>] [tos <tos>]
Creates a numbered ICMP
extended IP access rule; if the
numbered extended access list of
specified number does not exist,
then an access list will be created
using this number.
access list <num> {deny | permit} igmp {{<sIpAddr>
<sMask>} | any-source | {host-source <sIpAddr>}}
{{<dIpAddr> <dMask>} | any-destination |
{host-destination <dIpAddr>}} [<igmp-type>]
[precedence <prec>] [tos <tos>]
Creates a numbered IGMP
extended IP access rule; if the
numbered extended access list of
specified number does not exist,
then an access list will be created
using this number.
access list <num> {deny | permit} tcp {{<sIpAddr>
<sMask>} | any-source | {host-source <sIpAddr>}}
[s-port <sPort>] {{<dIpAddr> <dMask>} |
any-destination | {host-destination <dIpAddr>}} [d-port
<dPort>] [ack | fin | psh | rst | syn | urg] [precedence
<prec>] [tos <tos>]
Creates a numbered TCP
extended IP access rule; if the
numbered extended access list of
specified number does not exist,
then an access list will be created
using this number.
access list <num> {deny | permit} udp {{<sIpAddr>
<sMask>} | any-source | {host-source <sIpAddr>}}
[s-port <sPort>] {{<dIpAddr> <dMask>} |
any-destination | {host-destination <dIpAddr>}} [d-port
<dPort>] [precedence <prec>] [tos <tos>]
Creates a numbered UDP
extended IP access rule; if the
numbered extended access list of
specified number does not exist,
then an access list will be created
using this number.
access list <num> {deny | permit} {eigrp | gre | igrp |
ipinip | ip | <int>} {{<sIpAddr> <sMask>} | any-source |
{host-source <sIpAddr>}} {{<dIpAddr> <dMask>} |
any-destination | {host-destination <dIpAddr>}}
[precedence <prec>] [tos <tos>]
Creates a numbered IP extended
IP access rule for other specific IP
protocol or all IP protocols; if the
numbered extended access list of
specified number does not exist,
then an access list will be created
using this number.
no access list <num> Deletes a numbered extensive IP
access list
3) Configuring a standard IP access list basing on nomenclature