ES4710BD 10 Slots L2/L3/L4 Chassis Switch
Switch(Config)#ip access list extended udpFlow
12.2.2.9permit deny(standard)
Command: {deny permit} {{<sIpAddr> <sMask>}
Function: Creates a standard
Parameters: <sIpAddr> is the source IP address in decimal format; <sMask> is the mask complement for source IP in decimal format.
Command Mode:
Default: No IP address is configured by default.
Example: Allowing packets from 10.1.1.0/24 and denying packets from 10.1.1.0/16. Switch(Config)# ip access list standard ipFlow
12.3ACL Example
Scenario 1:
The user has the following configuration requirement: port 1/10 of the switch connects to 10.0.0.0/24 segment, ftp is not desired for the user.
Configuration description:
1. Create a proper ACL
2. Configuring packet filtering function
3. Bind the ACL to the port
The configuration steps are listed below:
Switch(Config)#access list 110 deny tcp 10.0.0.0 0.0.0.255
Switch(Config)#firewall default permit
Switch(Config)#interface ethernet 1/10
275