19 permit | deny (ip extended), Permit, Deny – PLANET XGS3-24040 User Manual
Page 741: Ip extended
Commands for Security Function Chapter 2 Commands for 802.1x
41-13
Default: No named MAC-IP access-list.
Usage Guide: After assigning this commands for the first time, only an empty name access-list is
created and no list item included.
Examples: Create an MAC-IP ACL named macip_acl.
Switch(config)# mac-ip-access-list extended macip_acl
Switch(Config-MacIp-Ext-Nacl-macip_acl)#
41.19 permit | deny (ip extended)
Command: [no] {deny | permit} icmp {{
[
[no] {deny | permit} igmp {{
{{
[precedence
[no] {deny | permit} tcp {{
[s-port {
{host-destination
[ack+fin+psh+rst+urg+syn] [precedence
[no] {deny | permit} udp {{
[s-port {
{host-destination
[no] {deny | permit} {eigrp | gre | igrp | ipinip | ip | ospf | < protocol-num >} {{
{host-destination
Functions: Create a name extended IP access rule to match specific IP protocol or all IP protocol.
Parameters:
reverse mask of source IP, the format is dotted decimal notation;
the format is dotted decimal notation; <dMask> is the reverse mask of destination IP, the format is dotted
decimal notation, attentive position o, ignored position 1; <igmp-type>, the type of igmp, 0-15;
0-7;
source port;
Command Mode: Name extended IP access-list configuration mode
Default: No access-list configured.
Examples: Create the extended access-list, deny icmp packet to pass, and permit udp packet with
destination address 192. 168. 0. 1 and destination port 32 to pass.
Switch(config)# access-list ip extended udpFlow