Accton Technology ES4710BD User Manual page 271

[no] {deny | permit} tcp {{<sIpAddr> <sMask>} |
any-source | {host-source <sIpAddr>}} [s-port
<sPort>] {{<dIpAddr> <dMask>} | any-destination |
{host-destination <dIpAddr>}} [d-port <dPort>]
[ack | fin | psh | rst | syn | urg] [precedence <prec>]
[tos <tos>]
[no] {deny | permit} udp {{<sIpAddr> <sMask>} |
any-source | {host-source <sIpAddr>}} [s-port
<sPort>] {{<dIpAddr> <dMask>} | any-destination |
{host-destination <dIpAddr>}} [d-port <dPort>]
[precedence <prec>] [tos <tos>]
[no] {deny | permit} {eigrp | gre | igrp | ipinip | ip |
<int>} {{<sIpAddr> <sMask>} | any-source |
{host-source <sIpAddr>}} {{<dIpAddr> <dMask>} |
any-destination | {host-destination <dIpAddr>}}
[precedence <prec>] [tos <tos>]
c. Exit extended IP ACL configuration mode
Command
Extended IP ACL Mode
Exit
2. Configuring packet filtering function
(1) Enable global packet filtering function
Command
Global Mode
Firewall enable
Firewall disable
(2) Configure default action.
Command
Global Mode
Firewall default permit
Firewall default deny
3. Bind access-list to a specific direction of the specified port.
Command
Physical Interface Mode
EES4710BD 10 Slots L2/L3/L4 Chassis Switch
Explanation
Exits extended name-based IP ACL configuration
mode
Explanation
Enables global packet filtering function
disables global packet filtering function
Explanation
Sets default action to "permit"
Sets default action to "deny"
Explanation
270
Creates an extended name-based
TCP IP access rule; the "no" form
command deletes this name-based
extended IP access rule
Creates an extended name-based
UDP IP access rule; the "no" form
command deletes this name-based
extended IP access rule
Creates an extended name-based IP
access rule for other IP protocols;
the "no" form command deletes
this name-based extended IP access
rule