Access-List (Extended) - Enterasys Matrix DFE-Gold Series Configuration Manual

access-list (extended)

Defaults
• If insert, replace or move are not specified, the new entry will be appended to the access list.
• If source2 is not specified with move, only one entry will be moved.
Mode
Router command, Global configuration: Matrix>Router(config)#
Usage
Valid access‐list‐numbers for standard ACLs are 1 to 99. For extended ACLs, valid values are 100 to
199.
The "no" form of this command removes the defined access list or entry.
Examples
This example shows how to allow access to only those hosts on the three specified networks. The
wildcard bits apply to the host portions of the network addresses. Any host with a source address
that does not match the access list statements will be rejected:
Matrix>Router(config)#access-list 1 permit 192.5.34.0 0.0.0.255
Matrix>Router(config)#access-list 1 permit 128.88.0.0 0.0.255.255
Matrix>Router(config)#access-list 1 permit 36.0.0.0 0.255.255.255
This example moves entry 16 to the beginning of ACL 22:
Matrix>Router(config)#access-list 22 move 1 16
access-list (extended)
Configuring extended access control lists (ACLs) is an advanced routing feature that must be enabled with a
license key. If you have purchased an advanced routing license and have enabled routing on the device, you
must activate your license as described in
enable the extended access list command set. If you wish to purchase an advanced routing license, contact
Enterasys Networks Sales.
Use this command to define an extended IP access list by number when operating in router mode.
Syntax
access-list access-list-number [insert | replace entry] | [log 1-5000 | all] [move
destination source1 [source2]] {deny | permit} protocol source [source-wildcard]
[operator [port]] destination [destination-wildcard] [operator [port]]
[tos-extensions][icmp-type [icmp-code] [established] [log]
To insert or replace an ACL entry:
access-list access-list-number insert | replace entry
To move entries within an ACL:
access-list access-list-number move destination source1 [source2]
To log entries within an ACL:
access-list access-list-number log 1-5000 | all
Important Notice
"Activating Advanced Routing
Enterasys Matrix DFE-Gold Series Configuration Guide 24-17
Configuring Access Lists
Features" on page 21-1 in order to