Configuring Extended ACL
Purpose
This topic describes the configuration of extended ACL.
Steps
For the configuration of extended ACL,
steps.
1.
To enter into extended ACL configuration, use command
config
configuration mode.
T
A B L E
Format
config acl extend
number <acl-
number>
Result: This configures extended ACL
2.
To configure the rules of ACL,
<rule_id> {permit|deny} {<ip-protocol>| ip | tcp | udp |
icmp | arp}{<source-ipaddr wildcard> | any} [<source-
port
any}
esblishing | <icmp-type icmp-code>] [dscp] [fragment] in
ACL config mode.
T
A B L E
Format
rule <rule_id>
{permit|deny} {<ip-
protocol>| ip | tcp |
udp | icmp |
arp}{<source-ipaddr
wildcard> | any}
[<source-port
sourceport-
mask>]{<destination-
ipaddr wildcard> |
any} [<dest-port
destport-
mask>][established
| esblishing | <icmp-
type icmp-code>]
[dscp] [fragment]
Result: This configures ACL rules.
E
ND OF STEPS
Result
Basic ACL has been configured.
acl
extend
number
This is shown in Table 190.
1 9 0 C
A C L E
O N F I G
X T E N D
Mode
global config
sourceport-mask>]{<destination-ipaddr
[<dest-port
This is shown in Table 191.
1 9 1 R
C
U L E
O M M A N D
Mode
ACL config
Confidential and Proprietary Information of ZTE CORPORATION
Chapter 7 Service Configuration
perform the following
<acl-number>
C
O M M A N D
Function
This configures
extended ACL
use command rule
destport-mask>][established
Function
This configures
ACL rules
in
global
wildcard>
|
|
127