245
[tos <tos>]
no access-list <num>
Function: Create a numbered extended IP access rule for specific IP protocol or all IP
protocols; if the numbered extended access list of specified number does not exist, then
an access list will be created using this number. The “no” form command deletes a
numbered extended IP access list.
Parameter: <num> is the access table number from 100 to 199; <sIpAddr> is the
source IP address in dot decimal format; <sMask > is the mask complement of the source
IP in dot decimal format; <dIpAddr> is the destination IP address in dot decimal format;
<dMask> is the mask complement of the destination IP in dot decimal format, 0 for
significant bit and 1 for ignored bit; <igmp-type> is the IGMP type; <icmp-type> is the
ICMP type; <icmp-code> is the ICMP protocol number; <prec> is the IP priority from 0 –
7; <tos> is the tos value from 0 -15; <sPort> is the source port number from 0 – 65535;
<dPort> is the destination port number from 0 – 65535.
Command mode: Global Mode
Default: No IP address is configured by default.
Usage Guide: When the user first specifies a specific <num>, the ACL of this number will
be created, and entries can be added to that ACL.
Example: Create an extensive IP access list numbered as 110. Deny ICMP packets and
allow UDP packets destined for 192.168.0.1, port 32.
Switch(Config)#access list 110 deny icmp any-source any-destination
Switch(Config)#access list 110 permit udp any-source host-destination 192.168.0.1 d-port
32
9.2.2.2 access list(standard)
Command: access list <num> {deny | permit} {{<sIpAddr> <sMask >} | any-source |
{host-source <sIpAddr>}}
no access list <num>
Function: Create a numbered standard IP access list, if the access list already exists,
then a rule will add to the current access list; the “no access list <num>”
command deletes a numbered standard IP access list.
Parameter: <num> is the access list number from 1 to 99; <sIpAddr> is the source IP
address in dot decimal format; <sMask > is the mask complement for source IP
in dot decimal format.
Command mode: Global Mode
Default: No IP address is configured by default.
Usage Guide: When the user first specifies a specific <num>, the ACL of this number will