ES4710BD 10 Slots L2/L3/L4 Chassis Switch
Default: No IP address is configured by default.
Usage Guide: When the user first specifies a specific <num>, the ACL of this number will be created, and entries can be added to that ACL.
Example: Creating an extensive IP access list numbered as 110. Denying ICMP packets and allowing UDP packets destined for 192.168.0.1, port 32.
Switch(Config)#access list 110 deny icmp
12.2.2.2access list(standard)
Command: access list <num> {deny permit} {{<sIpAddr> <sMask >}
no access list <num>
Function: Creates a numbered standard IP access list, if the access list already exists, then a rule will add to the current access list; the “no access list <num>” command deletes a numbered standard IP access list.
Parameters: <num> is the access list number from 1 to 99; <sIpAddr> is the source IP address in decimal format; <sMask > is the mask complement for source IP in decimal format.
Command mode: Global Mode
Default: No IP address is configured by default.
Usage Guide: When the user first specifies a specific <num>, the ACL of this number will be created, and entries can be added to that ACL.
Example: Creating a standard IP access list numbered 20, allowing packets from 10.1.1.0/24 and denying packets from 10.1.1.0/16.
Switch(Config)#access list 20 permit 10.1.1.0 0.0.0.255 Switch(Config)#access list 20 deny 10.1.1.0 0.0.255.255
12.2.2.3firewall
Command: firewall { enable disable}
Function: Enables or disable firewall.
Parameters: Enables for allow firewall function; disable for prevent firewall action.
Default: The firewall is disabled by default.
Command mode: Global Mode
Usage Guide: Access rules can be configured regardless of firewall status. But the rules can only be applied to the specified direction of specified ports when the firewall is enabled. When the firewall is disabled, all ACL bound to the ports will be deleted.
Example: enabling firewall. Switch(Config)#firewall enable
12.2.2.4firewall default
272