beautypg.com

Filter (access-list) commands, C-19, Table c-11, filter commands – Paradyne 9788 User Manual

Page 283

background image

C. Router CLI Commands, Codes, and Designations

9700-A2-GB20-20

December 2002

C-19

Filter (access-list) Commands

Filter commands are used to create or delete Access Lists.

Table C-11. Filter Commands (1 of 4)

access-list

access-list-num [{permit | deny}

{{

source-ip [source-wildcard ] | any | host source-host-ip} |

{

protocol {source-ip source-wildcard | any | host source-host-ip}

[

src-operator src-port [src-end-port ] ]

{

dest-ip dest-wildcard | any | host dest-host-ip}

[ [

icmp-msg-type [icmp-msg-code ] ] |

[

dest-operator dest-port [dest-end-port ] ] ] }|

{

type-code [range end-type-code] } }

no

access-list

access-list-num [{permit | deny}

{{

source-ip [source-wildcard] | any | host source-host-ip} |

{

protocol {source-ip source-wildcard | any | host source-host-ip}

[

src-operator src-port [src-end-port] ]

{

dest-ip dest-wildcard | any | host dest-host-ip}

[ [

icmp-msg-type [icmp-msg-code ] ] |

[

dest-operator dest-port [dest-end-port ] ] ] } |

{

type-code [ range end-type-code] } }

Minimum Access Level: Administrator
Command Mode: config

Allows a user to create or delete a rule for an access list. Access lists default to an implicit
deny statement for everything. Access lists are terminated by an implicit deny.

access-list-num – The access list number. Valid ranges for access lists are:

1–99 – Standard IP access lists.

100–199 – Extended IP access lists.

200–299 – Protocol type-code access lists.

permit – Specifies to permit access and forward packets matching the criteria.

deny – Specifies to deny access and discard packets matching the criteria.

For Standard IP Access Lists:

Example: access-list 1 permit 10.1.1.1

source-ip – The source IP Address to match.

source-wildcard – Specifies a 32-bit wildcard mask indicating the bit positions in the
source IP address to ignore during matches. This argument must be supplied when a
source-ip address is specified.

any – Specifies to match any source host. A source-ip of 0.0.0.0 and a source-wildcard

of

255.255.255.255 are specified.

host – Specify a single host source address to match.

source-host-ip – The source host IP address to match.

(Continued on next page)

This manual is related to the following products:
See also other documents in the category Paradyne Hardware: