Named ipv4 acl icmp permit example 2, Ble 172. named ipv4 acl tcp deny example 2 – Allied Telesis AT-8100 Series User Manual

Chapter 98: Advanced Access Control Lists (ACLs)

1542

This example creates a Named IPv4 ICMP ACL, called “icmppermit,” that
permits ICMP packets from any IP source address to any IP destination
address on VLAN 12:

This example creates a Named IPv4 ACL, called “tcpdeny,” that denies
TCP packets from source IPv4 address 152.12.45.2/32 to destination IPv4
address 152.12.45.3/32 on VLAN 5:

Define a Named IPv4 Address ACL that
filters traffic flows based on protocol
numbers and source and destination IP
addresses.

action

proto protocol_number

scr_ip_address dest_ipaddress

time-range

[vlan

vid

]

Define a Named IPv4 Address ACL that
filters TCP packets based on source and
destination IP addresses.

action

tcp

scr_ipaddress

gt|lt|ne|range|eq

src_tcp_port

dest_ipaddress gt|lt|ne|range|eq

dsp_tcp_port time-range

[vlan

vid

]

Define a Named IPv4 Address ACL that
filters UDP packets based on source and
destination IP addresses.

action

udp

scr_ipaddress

gt|lt|ne|range|eq src_upd_port
dest_ipaddress gt|lt|ne|range|eq
dst_upd_port

time-range

[vlan

vid

]

Table 170. IP ACCESS-LIST Commands for Creating Named IPv4 ACLs (Continued)

To Do This Task

Use this Command

Table 171. Named IPv4 ACL ICMP Permit Example

Command Description

awplus> enable

Enter the Privileged Executive mode from the
User Executive mode.

awplus# configure terminal

Enter the Global Configuration mode.

awplus(config)# ip access-list
icmppermit

Create a named IPv4 ACL called
“icmppermit” and enter the IP ACL mode.

awplus(config-ip-acl)# permit icmp
any any vlan 12

Allow the filter to permit ICMP ingress
packets from any source IPv4 address to any
destination IPv4 address on VLAN 12.

Table 172. Named IPv4 ACL TCP Deny Example

Command Description

awplus> enable

Enter the Privileged Executive mode
from the User Executive mode.

awplus# configure terminal

Enter the Global Configuration mode.