D-Link DXS-3600 Series Reference Manual page 59
Dxs-3600 series layer 2/3 managed 10gigabit ethernet switch
Hide thumbs
Also See for DXS-3600 Series:
- Cli reference manual (1456 pages) ,
- Reference manual (680 pages) ,
- Hardware installation manual (55 pages)
Table of Contents
Advertisement
DXS-3600 Series Layer 3 Managed 10Gigabit Ethernet Switch CLI Reference Guide
4-18 permit | deny (ip access-list)
This command is used to add a permit or a deny entry. Use the no form of the command to remove an
entry.
Extended Access List:
[SEQUENCE-NUMBER] {permit | deny} tcp {any | host SRC-IP-ADDR | SRC-IP-ADDR SRC-IP-
WILDCARD} [{eq | lt | gt | neq} PORT | range MIN-PORT MAX-PORT] {any | host DST-IP-ADDR |
DST-IP-ADDR DST-IP-WILDCARD} [{eq | lt | gt | neq} PORT | range MIN-PORT MAX-PORT] [TCP-
FLAG] [[precedence PRECEDENCE] [tos TOS] | dscp DSCP] [time-range PROFILE-NAME]
[SEQUENCE-NUMBER] {permit | deny} udp {any | host SRC-IP-ADDR | SRC-IP-ADDR SRC-IP-
WILDCARD} [{eq | lt | gt | neq} PORT | range MIN-PORT MAX-PORT] {any | host DST-IP-ADDR |
DST-IP-ADDR DST-IP-WILDCARD} [{eq | lt | gt | neq} PORT | range MIN-PORT MAX-PORT]
[[precedence PRECEDENCE] [tos TOS] | dscp DSCP] [time-range PROFILE-NAME]
[SEQUENCE-NUMBER] {permit | deny} icmp {any | host SRC-IP-ADDR | SRC-IP-ADDR SRC-IP-
WILDCARD} {any | host DST-IP-ADDR | DST-IP-ADDR DST-IP-WILDCARD} [ICMP-TYPE [ICMP-
CODE] | ICMP-MESSAGE] [[precedence PRECEDENCE] [tos TOS] | dscp DSCP] [time-range
PROFILE-NAME]
[SEQUENCE-NUMBER] {permit | deny} {gre | esp | eigrp | igmp | ipinip | ospf | pcp | pim | vrrp |
protocol-id PROTOCOL-ID} {any | host SRC-IP-ADDR | SRC-IP-ADDR SRC-IP-WILDCARD} {any |
host DST-IP-ADDR | DST-IP-ADDR DST-IP-WILDCARD} [fragments] [[precedence PRECEDENCE]
[tos TOS] | dscp DSCP] [time-range PROFILE-NAME]
[SEQUENCE-NUMBER] {permit | deny} {any | host SRC-IP-ADDR | SRC-IP-ADDR SRC-IP-
WILDCARD} [any | host DST-IP-ADDR | DST-IP-ADDR DST-IP-WILDCARD] [fragments]
[[precedence PRECEDENCE] [tos TOS] | dscp DSCP] [time-range PROFILE-NAME]
Standard IP Access List:
[SEQUENCE-NUMBER] {permit | deny} {any | host SRC-IP-ADDR | SRC-IP-ADDR SRC-IP-
WILDCARD} [any | host DST-IP-ADDR | DST-IP-ADDR DST-IP-WILDCARD]
no SEQUENCE-NUMBER
Parameters
SEQUENCE-NUMBER
any
host SRC-IP-ADDR
SRC-IP-ADDR SRC-IP-
WILDCARD
host DST-IP-ADDR
DST-IP-ADDR DST-IP-
WILDCARD
precedence PRECEDENCE
dscp DSCP
Specifies the sequence number. The range is from 1 to 65535. The
lower the number is, the higher the priority of the permit/deny rule.
Specifies any source IP address or any destination IP address.
Specifies a specific source host IP address.
Specifies a group of source IP addresses by using a wildcard bitmap.
The bit corresponding to the bit value 1 will be ignored. The bit
corresponding to the bit value 0 will be checked.
Specifies a specific destination host IP address.
Specifies a group of destination IP addresses by using a wildcard
bitmap. The bit corresponding to the bit value 1 will be ignored. The bit
corresponding to the bit value 0 will be checked.
(Optional) Specifies that packets can be filtered by precedence level,
as specified by a number from 0 to 7.
(Optional) Specifies the matching DSCP code in IP header. The range
is from 0 to 63, or select the following DSCP name: af11 - 001010,
af12 -001100, af13 - 001110, af21 - 010010, af22 - 010100, af23 -
010110, af31 - 011010, af32 - 011100, af33 - 011110, af41 - 100010,
59
Advertisement
Table of Contents
