Command Mode
Global Configuration
Command Usage
• An egress ACL must contain all deny rules.
• When you create a new ACL or enter configuration mode for an
existing ACL, use the permit or deny command to add new rules to
the bottom of the list. To create an ACL, you must add at least one rule
to the list.
• To remove a rule, use the no permit or no deny command followed
by the exact text of a previously configured rule.
• An ACL can contain up to 32 rules.
Example
Console(config)#access-list ip standard david
Console(config-std-acl)#
Related Commands
permit, deny 4-122
ip access-group (4-132)
show ip access-list (4-126)
access-list ip extended fragment-auto-mask
This command automatically creates extra masks to support fragmented
ACL entries. Use the no form to disable this feature.
Syntax
[no] access-list ip extended fragment-auto-mask
Default Setting
Disabled
Command Mode
Global Configuration
A
C
CCESS
ONTROL
L
C
IST
OMMANDS
4-121