D-Link DXS-3600-16S Manual page 27
Dxs-3600 series layer 2/3 managed 10gbe switch
Hide thumbs
Also See for DXS-3600-16S:
- Hardware installation manual (36 pages) ,
- Quick installation manual (28 pages) ,
- Hardware installation manual (55 pages)
Table of Contents
Advertisement
Usage Guideline
Example
DXS-3600-32S#configure terminal
DXS-3600-32S(config)#ip access-list extended Ext-ip
DXS-3600-32S(config-ext-nacl)#end
DXS-3600-32S#show access-list
Standard IP access list 1998 Std-acl
10 permit 10.20.0.0 0.0.255.255
Standard IP access list 1999 Std-ip
Extended IP access list 3999 Ext-ip
DXS-3600-32S#
3-4 permit | deny (ip extended access-list)
Use the permit command to add a permit entry. Use the deny command to add a deny entry. Use the no command to
remove a specific entry.
Extended IP ACL:
[sn] {permit | deny} protocol {source source-wildcard | host source | any} {destination destination-wildcard | host
destination | any} [precedence precedence] [tos tos] [fragments] [time-range time-range-name]
Extended IP ACLs of some important protocols:
[sn] {permit | deny} tcp {source source-wildcard | host source | any} [operator port] {destination destination-
wildcard | host destination | any} [operator port] [tcp-flag] [precedence precedence] [tos tos] [fragments]
[time-range time-range-name]
[sn] {permit | deny} udp {source source–wildcard | host source | any} [operator port] {destination destination-
wildcard | host destination | any} [operator port] [precedence precedence] [tos tos] [fragments] [time-range
time-range-name]
[sn] {permit | deny} icmp {source source-wildcard | host source | any} {destination destination-wildcard | host
destination | any} [{icmp-type [icmp-code] | icmp-message}] [precedence precedence] [tos tos] [fragments]
[time-range time-range-name]
no sn
Parameters
sn
protocol
source
source-wildcard
host source
any
DXS-3600 Series 10GbE Layer 2/3 Switch CLI Reference Guide
Extended IP ACL only filters IPv4 packets.
The name must be unique among all (including MAC, IP, IPv6 or Expert) access-lists
and the first character of the name must be a letter.
When creating an ACL through assigning a name, an ID will be assigned
automatically. The ID assignment rule will start from the maximum ID of 3999 and
decrease 1 per new ACL.
When creating an ACL through assigning an ID, a name will be assigned
automatically. The name assignment rule is 'ext-ip' + "-" + ID. If this name conflicts
with the name of an existing ACL, then it will be renamed based on the following rule:
'ext-ip' + "-" + ID +"alt".
This example shows how to create an extended ACL.
(Optional) Specifies the ACE sequence number used. This number must be between
1 and 65535.
Specifies the name or number of an IP protocol: 'eigrp', 'esp', 'gre', 'igmp', 'ip', 'ipinip',
'ospf', 'pcp', 'pim', 'tcp', 'udp', 'icmp' or an integer in the range 0 to 255 representing
an IP protocol number. To match any Internet protocol. Additional specific
parameters for 'tcp', 'udp', and 'icmp'. The 'ip' means any IP Protocol.
Specifies the source IP address.
Applies wildcard bits to the source.
Specifies a specific source IP address.
Means any source or destination IP address.
19
- Quick Links:
- Basic Cli Commands
Hide quick links:
Advertisement
Table of Contents
