ACL Command s
permit (ip)
SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide 49
3
Example
The following example shows how to create an IP ACL.
Console(config)# ip access-list ip-acl1
Console(config-ip-al)#
permit (ip)The permit IP-Access List Configuration mode command permits traffic if the
conditions defined in the permit statement match.
Syntax
permit {any |
protocol
} {any | {
source source-wildcard
}} {any | {
destination
destination-wildcard
}} [dscp
dscp-number
| ip-precedence
ip-precedence
]
permit-icmp {any | {
source source-wildcard
}} {any | {
destination destination-
wildcard
}} {ny |
icmp-type
} {any |
icmp-code
} [dscp
dscp-number
| ip-precedence
ip-precedence
]
permit-igmp {any | {
source source-wildcard
}} {any | {
destination destination-
wildcard
}} {ny |
igmp-type
} [dscp
dscp-number
| ip-precedence
ip-precedence
]
permit-tcp {any | {
source source-wildcard
}} {any |
source-port
} {any |{
destination
destination-wildcard
}} {ny |
destination-port
} [dscp
dscp-number
| ip-precedence
ip-precedence
] [flags
list-of-flags
]
permit-udp {any | {
source source-wildcard
}} {any |
source-port
} {any | {
destination
destination-wildcard
}} {any |
destination-port
} [dscp
dscp-number
| ip-precedence
ip-precedence
]
Parameters
•
source
— Specifies the source IP address of the packet. Specify any to
indicate IP address 0.0.0.0 and mask 255.255.255.255.
•
source-wildcard
— Specifies wildcard to be applied to the source IP
address. Use 1s in bit positions to be ignored. Specify any to indicate IP
address 0.0.0.0 and mask 255.255.255.255.