Filter
Top Products
ACL Commands 245
containing this ACL rule is applied to an interface or bound to a VLAN, then
the ACL rule is applied when the time-range with specified name becomes
active. The ACL rule is removed when the time-range with specified name
becomes inactive.
access-list
list-name
{deny | permit} {every | {{icmp | igmp | ip | tcp |
udp |
number
} any|
srcip
srcmask
[{eq {
portkey
|
0-65535
}]
dstip dstmask
[{eq {
portkey
|
0-65535
}] [precedence
precedence
| tos
tos
tosmask
| dscp
dscp
] }[log] [time-range
time-range-name
] [assign-queue
queue-id
]
[{mirror | redirect}
interface-id
]
no access-list
list-name
Parameter Description
Parameter Description
list-name
Access-list name up to 31 characters in length.
deny
| permit Specifies whether the IP ACL rule permits or denies an action.
every Allows all protocols.
eq Equal. Refers to the Layer 4 port number being used as match
criteria. The first reference is source match criteria, the second
is destination match criteria.
number
Standard protocol number. Protocol keywords
icmp,igmp,ip,tcp,udp.
srcip
Source IP address.
srcmask
Source IP mask.
dstip
Destination IP address.
dstmask
Destination IP mask.
portvalue
The source layer 4 port match condition for the ACL rule is
specified by the port value parameter (Range: 0–65535).
portkey
Or you can specify the
portkey
, which can be one of the
following keywords: domain, echo, ftp, ftpdata, http, smtp,
snmp, telnet, tftp, and www.
log Specifies that this rule is to be logged.
time-range-name
Displays the name of the time-range if the ACL rule has
referenced a time range.
2CSPC4.XModular-SWUM200.book Page 245 Thursday, March 10, 2011 11:18 AM