Access-list (extended numbered) – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual
Page 899
IPv4 Software Access Control List (ACL) Commands
Software Reference for x310 Series Switches
C613-50046-01 REV A
AlliedWare Plus
TM
Operating System - Version 5.4.4C
35.13
access-list (extended numbered)
This command configures an extended numbered access-list that permits or denies
packets from specific source and destination IP addresses. You can either create an
extended numbered ACL together with an ACL filter entry in the Global Configuration
mode, or you can use the IPv4 Extended ACL Configuration mode for sequenced ACL filter
entry after entering a list number.
The no variant of this command removes a specified extended named access-list.
Syntax
[list-number]
access-list {<100-199>|<2000-2699>}
no access-list {<100-199>|<2000-2699>}
Syntax
[deny|permit]
access-list {<100-199>|<2000-2699>}
{deny|permit}
ip <source> <destination>
no access-list {<100-199>|<2000-2699>}
{deny|permit}
ip <source> <destination>
Parameter
Description
<100-199>
IP extended access-list.
<2000-2699>
IP extended access-list (expanded range).
Parameter
Description
<100-199>
IP extended access-list.
<2000-2699>
IP extended access-list (expanded range).
deny
Access-list rejects packets that match the source and destination
filtering specified with this command.
permit
Access-list permits packets that match the source and destination
filtering specified with this command.
<source>
The source address of the packets. You can specify a single host, a
subnet, or all sources. The following are the valid formats for
specifying the source:
any
Matches any source IP address.
host
Matches a single source host with the IP
address given by
decimal notation.
<ip-addr>
<reverse-mask>
An IPv4 address, followed by a reverse
mask in dotted decimal format. For
example, entering 192.168.1.1
0.0.0.255
is the same as entering
192.168.1.1/24
. This matches any
source IP address within the specified
subnet.