Release 1.0

Access List Commands

 

 

To configure an extended access list for IGMP, use the following command:

access-list any host diff-serv

<100-199><2000-2699> {deny permit} igmp {<A.B.C.D> <A.B.C.D> <A.B.C.D>} (<A.B.C.D> <A.B.C.D> any host <A.B.C.D>} [<0-255> host-queryhost-reportpim ]

To configure an extended access list for TCP, use the following command:

access-list<100-199><2000-2699> {deny permit} tcp {<A.B.C.D> <A.B.C.D> any host <A.B.C.D>} (<A.B.C.D> <A.B.C.D> any host <A.B.C.D>} [diff-serv<0-63> eq [<0-65535> bgp chargen cmd daytime discard domain echo exec finger ftp ftp-datagopher gt hostname ident irc klogin kshell login lpd lt neq nntp pim-auto-rppop2 pop3 smtp sunrpc talk telnet time uucp whois www ]]

To configure an extended access list for UDP, use the following command:

access-list<100-199><2000-2699> {deny permit} udp {<A.B.C.D> <A.B.C.D> any host <A.B.C.D>} (<A.B.C.D> <A.B.C.D> any host <A.B.C.D>} [diff-serv<0-63>eq [<0-65535> biff bootpc discard domain echo gt lt mobile-ipneq netbios-dgmnetbios-nsnetbios-ssntp pim-auto-rprip snmp snmptrap sunrpc syslog talk tftp time who xdmcp ]]

To remove an access list, use the following command: no access-list<100-199> <2000-2699>

Command Syntax

100-199

extended access list

2000-2699

extended IP access list (expanded

 

range)

deny

deny access if conditions are matched

permit

permit access if conditions are matched

526363-001-00 Rev. B

MGBI

5-5

Page 390 Page 392
Page 391
Image 391
Motorola BSR 2000 manual Access-list any host diff-serv
Page 390 Page 392
Top Page Image Contents