TP-Link 10GE T1700G-28TQUN V1 CLI Reference Guide - Page 204
access-list extended
View all TP-Link 10GE manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 204 highlights
25.9 access-list extended Description The access-list extended command is used to add Extended-IP ACL rule. To delete the corresponding rule, please use no access-list extended command. Syntax access-list extended acl-id rule rule-id { deny | permit } [[ sip source-ip ] smask source-ip-mask ] [[ dip destination-ip] dmask destination-ip-mask ] [ s-port s-port ] [ d-port d-port ] [ protocol protocol ] no access-list extended acl-id rule rule-id Parameter acl-id--The desired Extended-IP ACL for configuration. rule-id -- The rule ID. deny -- The operation to discard packets. permit --The operation to forward packets. It is the default value. source-ip -- The source IP address contained in the rule. source-ip-mask -- The source IP address mask. It is required if you typed the source IP address. destination-ip -- The destination IP address contained in the rule. destination-ip-mask -- The destination IP address mask. It is required if you typed the destination IP address. s-port -- The source port number. d-port -- The destination port number. protocol -- Configure the value of the matching protocol. Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Create an Extended-IP ACL whose ID is 2220, and add Rule 10 for it. In the rule, the source IP address is 192.168.0.100, the source IP address mask is 255.255.255.0, and the packets match this rule will be forwarded by the switch: T1700G-28TQ(config)# access-list create 2220 188