ACL Commands
permit (IP)
Cisco 220 Series Smart Plus Switches Command Line Interface Reference Guide Release 1.0.0.x
Parameters
value
•
sequence
based ACL. The acceptable range is from 1 to 2147483547. If not specified,
the switch provides a number starting from 1 in ascending order.
protocol
•
—The name or the number of an IP protocol. Available protocol
names are icmp, ip, tcp, egp, igp, udp, hmp, rdp, idpr, ipv6, ipv6:rout,
ipv6:frag, idrp, rsvp, gre, esp, ah, ipv6:icmp, eigrp, ospf, ipinip, pim, l2tp, and
isis. To match any protocol, use the IP keyword. (Range: 0 to 255)
source
•
—Source IP address of the packet.
source-wildcard
•
source-port/port-range
•
Predefined port names are defined in the
parameter. (Range: 0 to 65535)
•
destination
—Destination IP address of the packet.
destination-wildcard
•
address.
destination-port/port-range
•
You can enter a range of ports by using hyphen such as 20 - 21. For TCP
enter a number or one of these values: bgp (179), chargen (19), daytime (13),
discard (9), domain (53), drip (3949), echo (7), finger (79), ftp (21), ftp-data
(20), gopher (70), hostname (42), irc (194), klogin (543), kshell (544), lpd
(515), nntp (119), pop2 (109), pop3 (110), smtp (25), sunrpc (1110, syslog
(514), tacacs-ds (49), talk (517), telnet (23), time (35), uucp (117), whois (43),
www (80). For UDP enter a number or one of the following values: biff (512),
bootpc (68), bootps (67), discard (9), dnsix (90), domain (53), echo (7),
mobile-ip (434), nameserver (42), netbios-dgm (138), netbios-ns (135),
on500-isakmp (4500), ntp (123), rip (520), snmp (161), snmptrap (162),
sunrpc (111), syslog (514), tacacs-ds (49), talk (517), tftp (69), time (35), who
(513), or xdmcp (177). (Range: 0 to 65535)
number
•
dscp
—(Optional) Specifies the DSCP value.
number
•
precedence
icmp-type
•
—(Optional) The ICMP message type for filtering ICMP packets.
Enter a number or one of these values: echo-reply, destination-unreachable,
source-quench, redirect, alternate-host-address, echo-request, router-
advertisement, router-solicitation, time-exceeded, parameter-problem,
timestamp, timestamp-reply, information-request, information-reply,
—(Optional) Specifies the sequence number for the IPv4-
—Wildcard bits to be applied to the source IP address.
—(Optional) The UDP or TCP source port.
—Wildcard bits to be applied to the destination IP
—(Optional) The UDP or TCP destination port.
—(Optional) Specifies the IP precedence value.
destination-port/port-range
4
80