Asus GigaX2024SX User Manual

Syntax

[no] access-list ip {standard | extended} acl_name

pecifies an ACL that filters packets based on the source or

destination IP address, and other more specific criteria.

me of the ACL. (Maximum length: 16 characters)

Def

Command Mode
Global Configuration

ode for an existing ACL,

use the permit or deny command to add new rules to the bottom of the list.

ove a rule, use the no permit or no deny command followed by the

ex
•
E

• standard – Specifies an ACL that filters packets based on the source IP
address.
• extended – S

• acl_name – Na

ault Setting

None

Command Usage
• When you create a new ACL or enter configuration m

To create an ACL, you must add at least one rule to the list.
• To rem

act text of a previously configured rule.

An ACL can contain up to 32 rules.

xample

R

p

ACL. The rule sets a filter condition

ating from the specified source. Use the no form to remove a

} {any | source bitmask | host source}

ch.

ic IP address.

D

ntegers from 0

ask uses 1 bits to indicate

and 0 bits to indicate “ignore.” The bitmask is bitwise ANDed with the

specified source IP address, and then compared with the address for each IP

elated Commands

permit, deny 4-122
ip access-group (4-126)
show ip access-list (4-126)

ermit, deny (Standard ACL)

dds a rule to a Standard IP

This command a
for p

s eman

acket

rule.
Syntax

y

[no] {permit | den
• any – Any source IP address.
• source – Source IP address.

ting the address bits to mat

• bitmask – Decimal number represen

by a specif

• host – Keyword followed

efault Setting

None
Command Mode
Standard ACL
Command Usage

• New rules are appended to the end of the list.

ontaining four i

• Address bitmasks are similar to a subnet mask, c

each separated by a period. The binary m

to 255,
“match”

4-92