Ruijie Networks RG-S2600E Series Cli Reference Manual page 910

S2600E CLI Reference Guide Chapter 1 ACL Configuration Commands
The following example shows how to create and display an
Expert Extended ACL. This expert ACL permits all the TCP
packets with the source IP address 192.168.4.12 and the
source MAC address 001300498272.
Ruijie(config)#expert access-list extended exp-acl
Ruijie(config-exp-nacl)#permit tcp host 192.168.4.12
host 0013.0049.8272 any any
Ruijie(config-exp-nacl)#deny any any any any
Ruijie(config-exp-nacl)#show access-lists
expert access-list extended exp-acl
10 permit tcp host 192.168.4.12 host 0013.0049.8272 any
any
20 deny any any any any
Ruijie(config-exp-nacl)#
This example shows how to use the extended IP ACL. The
purpose is to permit the host with the IP address
192.168.4.12 to provide services through the TCP port 100
and apply the ACL to interface gigabitethernet 1/1. The
configuration procedure is as below:
Ruijie(config)# ip access-list extended 102
Ruijie(config-ext-nacl)# permit tcp host 192.168.4.12 eq
100 any
Examples
Ruijie(config-ext-nacl)# show access-lists
ip access-list extended 102
10 permit tcp host 192.168.4.12 eq 100 any
Ruijie(config-ext-nacl)#exit
Ruijie(config)#interface gigabitethernet 1/1
Ruijie(config-if)#ip access-group 102 in
Ruijie(config-if)#
This example shows how to use the extended MAC ACL.
The purpose is to permit the host with the MAC address
0013.0049.8272 to send Ethernet frames through the type
100 and apply the ACL to interface gigabitethernet 1/1. The
configuration procedure is as below:
Ruijie(config)#mac access-list extended 702
Ruijie(config-mac-nacl)#permit host 0013.0049.8272 any
aarp
Ruijie(config-mac-nacl)#show access-lists
mac access-list extended 702
10 permit host 0013.0049.8272 any aarp 702
Ruijie(config-mac-nacl)#exit
Ruijie(config)#interface gigabitethernet 1/1
Ruijie(config-if)#mac access-group 702 in