PLANET XGS3-24040 User Manual

Chapter 46 ACL Configuration

46-3

5. Clear the filtering information of the specified port

1. Configuring access-list

(1) Configuring a numbered standard IP access-list

Command

Explanation

Global Mode

access-list {deny | permit} {{

} | any-source | {host-source }}

no access-list

Creates a numbered standard IP

access-list, if the access-list

already exists, then a rule will

add to the current access-list;

the “no access-list

“ command deletes a

numbered standard IP

access-list.

(2) Configuring a numbered extensive IP access-list

Command

Explanation

Global Mode

access-list {deny | permit} icmp {{

} | any-source | {host-source }}

{{ } | any-destination |

{host-destination }} [

[]] [precedence ] [tos

][time-range]

Creates a numbered ICMP

extended IP access rule; if the

numbered extended access-list of

specified number does not exist,

then an access-list will be created

using this number.

access-list {deny | permit} igmp {{

} | any-source | {host-source }}

{{ } | any-destination |

{host-destination }} []

[precedence ] [tos

][time-range]

Creates a numbered IGMP

extended IP access rule; if the

numbered extended access-list of

specified number does not exist,

then an access-list will be created

using this number.

access-list {deny | permit} tcp {{

} | any-source | {host-source }}

[s-port { | range }]

{{ } | any-destination |

{host-destination }} [d-port { |

range }]

[ack+fin+psh+rst+urg+syn] [precedence ] [tos

][time-range]

Creates a numbered TCP

extended IP access rule; if the

numbered extended access-list of

specified number does not exist,

then an access-list will be created

using this number.

access-list {deny | permit} udp {{

} | any-source | {host-source }}

[s-port { | range }]

Creates a numbered UDP

extended IP access rule; if the

numbered extended access-list of