Table of Contents
Advertisement
access-list
Standard IP access list:
Syntax
access-list accessListName { permit | deny }
{ srcIP srcWildIp | [ host ] srcIPHost | any } [ log ]
no access-list accessListName [ { permit | deny }
{ srcIP srcWildIp | [ host ] srcIPHost | any } [ log ] ]
Extended IP access list:
access-list accessListName { permit | deny } ip { srcIP srcWildIp |
host srcIPHost | any } { dstIP dstWildIp | host dstIPHost | any } [ log ]
no access-list accessListName [ { permit | deny } ip { srcIP srcWildIp |
host srcIPHost | any } { dstIP dstWildIp | host dstIPHost | any } [ log ] ]
Command introduced before JUNOSe Release 7.1.0.
Release Information
Defines a standard or extended IP access list. The extended access list enables you
Description
to specify a destination address or host, precedence, and type of service. This
command imposes an implicit last rule of " deny ip any any" to deny all routes that
do not match previous rules in the access list. The no version removes the IP access
list, the specified entry in an access list, or the log for a specified entry.
Options
Global Configuration
Mode
accessListName String of up to 32 alphanumeric characters
permit Permits access if the conditions are matched
deny Denies access if the conditions are matched
srcIP—Source IP address from which the packet is being sent
srcWildIp—Wildcard mask IP address
host—Identifies the address as a host
srcIPHost—Source host IP address; assumes a wildcard mask of 0
any—Creates an address of 0.0.0.0 with a wildcard mask of 255.255.255.255
dstIP Destination IP address
dstWildIp Wildcard mask IP address for destination
dstIPHost Destination host IP address to which the packet is being sent
log Logs an Info event into the ipAccessList log whenever the access-list rule is
matched
Chapter 2: A Commands
79
access-list
Advertisement
Table of Contents
Need help?
Do you have a question about the JUNOSE SOFTWARE 11.0.X - COMMAND REFERENCE A TO M 1-11-2010 and is the answer not in the manual?
Questions and answers