operator—This syntax element compares source or destination ports. Possible syntaxes include lt
(less than), gt (greater than), eq (equal), neq (not equal), and range (inclusive range).
log—This syntax enables logging of information about packets that match access list entries.
Warning The log command is optional and logs information about all packets that match the access list entry.
Enabling this feature uses considerable processing power. You should use it for troubleshooting
purposes only.
Let’s take a look at the any parameter:
CAT5KRSM(config)# access-list 199 permit tcp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 gt 255
CAT5KRSM(config)# access-list 199 permit tcp any any gt 255
The first line permits any incoming IP address to any destination using any TCP port greater than port 255.
The second line does the same thing, but replaces the source, destination, and wildcard addresses with the any
command.
Now, let’s examine how well-known TCP ports can work:
CAT5KRSM(config)# access-list 199 permit tcp any any eq 25
CAT5KRSM(config)# access-list 199 permit tcp any any eq smtp
The first line indicates that access list 199 permits any address to enter the interface for TCP port 25, which is
the well-known TCP port for Simple Mail Transfer Protocol (SMTP). The second line does the same thing,
but instead of using the TCP port number, it uses the acronym.
The host syntax indicates a single host, as shown in the source address in this example:
CAT5KRSM(config)# access-list 199 permit tcp host 38.187.128.6 any eq smtp
The following example permits User Datagram Protocol (UDP) packets with a DNS name as the destination:
CAT5KRSM(config)# access-list 199 permit udp any eq domain any
You can add a message in your access list by using the remark command. This command can help you
identify lines in your access list. The following is an example of using the remark command:
CAT5KRSM(config)# access-list 1 remark Sabrina’s IP Address
CAT5KRSM(config)# access-list 1 permit 18.1.12.25
CAT5KRSM(config)# access-list 1 remark Hanson’s IP Address
CAT5KRSM(config)# access-list 1 deny 18.1.12.26
To remove a remark, use a command like the following:
CAT5KRSM(config)# no access-list 5 remark Sean’s IP address
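As an added illustration (not code from the book or from Cisco), the following Python simulator models how the extended access-list syntax described above is evaluated: it parses lines like the ones shown, treats any and host as the wildcard forms they abbreviate, accepts the smtp and domain names in place of port numbers, skips remark lines, and tests packets top-down until the first match or the implicit deny at the end of the list. The port-name table, the sample list, and the packets fed to it are constructed here; standard (source-only) lists such as access-list 1 are not handled.

```python
import ipaddress, operator

PORT_NAMES = {"smtp": 25, "domain": 53}   # well-known names used on this page (constructed subset)
COMPARE = {"lt": operator.lt, "gt": operator.gt, "eq": operator.eq, "neq": operator.ne}

def to_int(ip): return int(ipaddress.IPv4Address(ip))

def take_addr(tok):   # 'any' | 'host A' | 'A wildcard'  ->  (net, wildcard, rest)
    if tok[0] == "any":                    # same as 0.0.0.0 255.255.255.255
        tok = ["0.0.0.0", "255.255.255.255"] + tok[1:]
    elif tok[0] == "host":                 # same as A 0.0.0.0
        tok = [tok[1], "0.0.0.0"] + tok[2:]
    return to_int(tok[0]), to_int(tok[1]), tok[2:]

def take_port(tok):   # optional lt/gt/eq/neq/range test  ->  (predicate, rest)
    num = lambda t: PORT_NAMES[t] if t in PORT_NAMES else int(t)
    if not tok or tok[0] not in (*COMPARE, "range"):
        return (lambda p: True), tok
    if tok[0] == "range":                  # inclusive on both ends
        lo, hi = num(tok[1]), num(tok[2])
        return (lambda p: lo <= p <= hi), tok[3:]
    cmp, n = COMPARE[tok[0]], num(tok[1])
    return (lambda p: cmp(p, n)), tok[2:]

def parse_acl(text):  # extended 'access-list N permit|deny proto src [test] dst [test]'
    entries = []
    for line in text.strip().splitlines():
        tok = line.split()[2:]             # drop 'access-list' and the list number
        if tok[0] == "remark": continue    # a remark only labels the list; it matches nothing
        action, proto, tok = tok[0], tok[1], tok[2:]
        src, swild, tok = take_addr(tok)
        stest, tok = take_port(tok)
        dst, dwild, tok = take_addr(tok)
        dtest, _ = take_port(tok)
        entries.append((action, proto, src, swild, stest, dst, dwild, dtest))
    return entries

def masked_match(addr, net, wild):         # a 1 bit in the wildcard means "don't care"
    return ((addr ^ net) & ~wild & 0xFFFFFFFF) == 0

def evaluate(entries, proto, src, sport, dst, dport):   # top-down, first match wins
    for action, p, net, wild, stest, dnet, dwild, dtest in entries:
        if (p in ("ip", proto) and masked_match(to_int(src), net, wild)
                and masked_match(to_int(dst), dnet, dwild) and stest(sport) and dtest(dport)):
            return action
    return "deny"                          # the implicit deny at the end of every list

ACL_199 = parse_acl("""access-list 199 remark constructed sample built from this page's entries
access-list 199 permit tcp host 38.187.128.6 any eq smtp
access-list 199 permit udp any eq domain any
access-list 199 permit tcp any any gt 255""")
```

Note that the second entry tests the source port (eq domain), so only UDP packets coming from port 53 match it; the order of entries matters because the first match ends evaluation.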
Applying Access Lists
Access lists are created in various ways. Once they’re created, you can use different commands to apply an
access list to various types of interfaces.
Tip To disallow the flow of data through any port or interface, use the in syntax. To allow data to flow
through the switch but not exit out a certain interface or port, use the out syntax on the outbound
interface.
The following list shows the different commands and the types of interfaces associated with each command: