Table of Contents
Advertisement
To move entries within an ACL:
access-list access-list-number move destination source1 [source2]
Parameters
access‐list‐number
[entryno [entryno]]
deny | permit
protocol
source
source‐wildcard
eq port
destination
destination‐wildcard (Optional) Specifies the bits to ignore in the destination address.
insert | replace
entryno
move destination
source1 source2
Defaults
If insert, replace, or move are not specified, the new entry will be appended to the access list.
If source2 is not specified with move, only one entry will be moved.
Specifies an extended access list number. Valid values are from 100 to 199.
When using the no access‐list command, you can delete a whole access‐list,
or only specific entries in the list with the optional entryno parameter.
Specify a range of entries by entering the start and end entry numbers.
Denies or permits access if specified conditions are met.
Specifies an IP protocol for which to deny or permit access. Valid values
and their corresponding protocols are:
•
ip ‐ Any Internet protocol
•
udp ‐ User Datagram Protocol
•
tcp ‐ Transmission Control Protocol
•
icmp ‐ Internet Control Message Protocol
Specifies the network or host from which the packet will be sent. Valid
options for expressing source are:
•
IP address or range of addresses (A.B.C.D)
•
any ‐ Any source host
•
host source ‐ IP address of a single source host
(Optional) Specifies the bits to ignore in the source address.
(Optional) Applies access rules to TCP or UDP source and/or destination
port numbers equal to the specified port number.
Port numbers can range from 0 to 65535.
Note: This parameter is not available when you specify the icmp protocol.
Specifies the network or host to which the packet will be sent. Valid options
for expressing destination are:
•
IP address (A.B.C.D)
•
any ‐ Any destination host
•
host source ‐ IP address of a single destination host
(Optional) Inserts this new entry before a specified entry in an existing
ACL, or replaces a specified entry with this new entry.
(Optional) Moves a sequence of access list entries before another entry.
Destination is the number of the existing entry before which this new entry
will be moved. Source1 is a single entry number or the first entry number in
the range to be moved. Source2 (optional) is the last entry number in the
range to be moved. If source2 is not specified, only the source1 entry will be
moved.
access-list (extended)
SecureStack C3 Configuration Guide 26-85
- Quick Links:
- Set Ip Address
Hide quick links:
Advertisement
Table of Contents
