2 access list(standard), 3 firewall, 4 firewall default – Accton Technology ES4710BD User Manual

ES4710BD 10 Slots L2/L3/L4 Chassis Switch

Default: No IP address is configured by default.

Usage Guide: When the user first specifies a specific , the ACL of this number will be created, and entries can be added to that ACL.

Example: Creating an extended IP access list numbered as 110. Denying ICMP packets and allowing UDP packets destined for 192.168.0.1, port 32.

Switch(Config)#access list 110 deny icmp any-source any-destination

Switch(Config)#access list 110 permit udp any-source host-destination 192.168.0.1 d-port 32

12.2.2.2 access list(standard)

Command: access list {deny | permit} {{ <sMask>} | any-source | {host-source }}

no access list

Function: Creates a numbered standard IP access list. If the access list already exists, the rule is added to the current access list. The “no access list ” command deletes a numbered standard IP access list.

Parameters: is the access list number from 1 to 99; is the source IP address in decimal format; <sMask> is the mask complement for source IP in decimal format.

Command mode: Global Mode

Default: No IP address is configured by default.

Usage Guide: When the user first specifies a specific , the ACL of this number will be created, and entries can be added to that ACL.

Example: Creating a standard IP access list numbered 20, allowing packets from 10.1.1.0/24 and denying packets from 10.1.1.0/16.

Switch(Config)#access list 20 permit 10.1.1.0 0.0.0.255

Switch(Config)#access list 20 deny 10.1.1.0 0.0.255.255
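
The example above only behaves as described if the narrower permit rule is checked before the broader deny rule. The following Python sketch is an added illustration, not part of the manual: it parses the two commands as written, applies mask-complement matching, and flags rules that an earlier rule fully covers. It assumes rules are evaluated in order with the first match deciding, which this page does not state; the function names are hypothetical.

```python
import ipaddress

M = 0xFFFFFFFF  # 32-bit mask

# The two commands from the manual's example for access list 20.
ACL_20 = [
    "Switch(Config)#access list 20 permit 10.1.1.0 0.0.0.255",
    "Switch(Config)#access list 20 deny 10.1.1.0 0.0.255.255",
]

def parse_rule(line):
    """Parse one standard ACL command into (action, network, wildcard)."""
    tok = line.split("#", 1)[-1].split()  # drop the CLI prompt if present
    if tok[:2] != ["access", "list"] or not 1 <= int(tok[2]) <= 99:
        raise ValueError("not a standard access list command: " + line)
    action, src = tok[3], tok[4:]
    if action not in ("deny", "permit"):
        raise ValueError("unknown action: " + action)
    if src == ["any-source"]:
        addr, wild = 0, M
    elif len(src) == 2 and src[0] == "host-source":
        addr, wild = int(ipaddress.IPv4Address(src[1])), 0
    elif len(src) == 2:
        addr, wild = (int(ipaddress.IPv4Address(s)) for s in src)
    else:
        raise ValueError("bad source field: " + line)
    return action, addr & ~wild & M, wild  # mask-complement bits are ignored

def evaluate(rules, ip):
    """First matching rule decides (assumption). None means no rule matched."""
    ip = int(ipaddress.IPv4Address(ip))
    for index, (action, addr, wild) in enumerate(rules):
        if (ip & ~wild & M) == addr:
            return action, index
    return None  # outcome then depends on the switch's default action

def shadowed(rules):
    """Indexes of rules fully covered by an earlier rule (never reached)."""
    hits = []
    for j, (_, aj, wj) in enumerate(rules):
        for _, ai, wi in rules[:j]:
            if (wj & ~wi) == 0 and (aj & ~wi & M) == ai:
                hits.append(j)
                break
    return hits

if __name__ == "__main__":
    rules = [parse_rule(l) for l in ACL_20]
    for ip in ("10.1.1.5", "10.1.2.5", "10.2.0.1"):
        print(ip, evaluate(rules, ip))
    print("shadowed if order is reversed:", shadowed(rules[::-1]))
```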

12.2.2.3 firewall

Command: firewall { enable | disable}

Function: Enables or disables the firewall.

Parameters: enable allows the firewall function; disable prevents firewall action.

Default: The firewall is disabled by default.

Command mode: Global Mode

Usage Guide: Access rules can be configured regardless of firewall status, but the rules can only be applied to the specified direction of specified ports when the firewall is enabled. When the firewall is disabled, all ACLs bound to the ports will be deleted.

Example: Enabling the firewall.

Switch(Config)#firewall enable

12.2.2.4 firewall default