Home » TP-Link Manuals » Hubs & Switches » TP-Link T1700G-28TQ » Manual Viewer

TP-Link T1700G-28TQ T1700G-28TQ V1 CLI Reference Guide - Page 183

access-list extended

View all TP-Link T1700G-28TQ manuals

Add to My Manuals
Save this manual to your list of manuals

Page 183 highlights

T1700G-28TQ(config)# access-list standard 520 rule 10 permit sip 192.168.0.100 smask 255.255.255.0 25.4 access-list extended Description The access-list extended command is used to add Extended-IP ACL rule. To delete the corresponding rule, please use no access-list extended command. Syntax access-list extended acl-id rule rule-id { deny | permit } [[ sip source-ip ] smask source-ip-mask ] [[ dip destination-ip] dmask destination-ip-mask ] [ s-port s-port ] [ d-port d-port ] [ protocol protocol ] no access-list extended acl-id rule rule-id Parameter acl-id--The desired Extended-IP ACL for configuration. rule-id -- The rule ID. deny -- The operation to discard packets. permit --The operation to forward packets. It is the default value. source-ip -- The source IP address contained in the rule. source-ip-mask -- The source IP address mask. It is required if you typed the source IP address. destination-ip -- The destination IP address contained in the rule. destination-ip-mask -- The destination IP address mask. It is required if you typed the destination IP address. s-port -- The source port number. d-port -- The destination port number. protocol -- Configure the value of the matching protocol. Command Mode Global Configuration Mode Example Create an Extended-IP ACL whose ID is 2220, and add Rule 10 for it. In the rule, the source IP address is 192.168.0.100, the source IP address mask is 255.255.255.0, and the packets match this rule will be forwarded by the switch: T1700G-28TQ(config)# access-list create 2220 169

Section	Page
Preface	15
Chapter 1 Using the CLI	18
1.1 Accessing the CLI	18
1.1.1 Logon by Telnet	18
1.1.2 Logon by SSH	19
1.2 CLI Command Modes	24
1.3 Security Levels	27
1.4 Conventions	28
1.4.1 Format Conventions	28
1.4.2 Special Characters	28
1.4.3 Parameter Format	28
Chapter 2 User Interface	29
2.1 enable	29
2.2 service password-encryption	29
2.3 enable password	30
2.4 enable secret	31
2.5 configure	32
2.6 exit	32
2.7 end	32
2.8 show history	33
2.9 clear history	33
Chapter 3 Stack	35
3.1 switch priority	35
3.2 switch renumber	35
3.3 switch stack-port	36
3.4 switch provision	37
3.5 show switch	37
Chapter 4 IEEE 802.1Q VLAN Commands	39
4.1 vlan	39
4.2 interface vlan	39
4.3 name	40
4.4 switchport general allowed vlan	40
4.5 switchport pvid	41
4.6 show vlan summary	42
4.7 show vlan brief	42
4.8 show vlan	42
4.9 show interface switchport	43
Chapter 5 MAC-based VLAN Commands	44
5.1 mac-vlan mac-address	44
5.2 mac-vlan	44
5.3 show mac-vlan	45
5.4 show mac-vlan interface	46
Chapter 6 Protocol VLAN Commands	47
6.1 protocol-vlan template	47
6.2 protocol-vlan vlan	48
6.3 protocol-vlan	48
6.4 show protocol-vlan template	49
6.5 show protocol-vlan vlan	49
Chapter 7 Voice VLAN Commands	51
7.1 voice vlan	51
7.2 voice vlan aging	51
7.3 voice vlan priority	52
7.4 voice vlan mac-address	52
7.5 switchport voice vlan mode	53
7.6 switchport voice vlan security	54
7.7 show voice vlan	54
7.8 show voice vlan oui	55
7.9 show voice vlan switchport	55
Chapter 8 Etherchannel Commands	57
8.1 channel-group	57
8.2 port-channel load-balance	58
8.3 lacp system-priority	59
8.4 lacp port-priority	59
8.5 show etherchannel	60
8.6 show etherchannel load-balance	60
8.7 show lacp	61
8.8 show lacp sys-id	61
Chapter 9 User Management Commands	63
9.1 user name (password)	63
9.2 user name (secret)	64
9.3 user access-control ip-based	65
9.4 user access-control mac-based	66
9.5 user access-control port-based	66
9.6 telnet	67
9.7 show user account-list	68
9.8 show user configuration	68
9.9 show telnet-status	69
Chapter 10 HTTP and HTTPS Commands	70
10.1 ip http server	70
10.2 ip http max-users	70
10.3 ip http session timeout	71
10.4 ip http secure-server	72
10.5 ip http secure-protocol	72
10.6 ip http secure-ciphersuite	73
10.7 ip http secure-max-users	73
10.8 ip http secure-session timeout	74
10.9 ip http secure-server download certificate	75
10.10 ip http secure-server download key	75
10.11 show ip http configuration	76
10.12 show ip http secure-server	77
Chapter 11 Binding Table Commands	78
11.1 ip source binding	78
11.2 ip dhcp snooping	79
11.3 ip dhcp snooping vlan	80
11.4 ip dhcp snooping information option	80
11.5 ip dhcp snooping information strategy	81
11.6 ip dhcp snooping information remote-id	81
11.7 ip dhcp snooping information circuit-id	82
11.8 ip dhcp snooping trust	83
11.9 ip dhcp snooping mac-verify	83
11.10 ip dhcp snooping limit rate	84
11.11 ip dhcp snooping decline rate	85
11.12 show ip source binding	85
11.13 show ip dhcp snooping	86
11.14 show ip dhcp snooping interface	86
Chapter 12 ARP Inspection Commands	88
12.1 ip arp inspection(global)	88
12.2 ip arp inspection trust	88
12.3 ip arp inspection(interface)	89
12.4 ip arp inspection limit-rate	89
12.5 ip arp inspection recover	90
12.6 show ip arp inspection	91
12.7 show ip arp inspection interface	91
12.8 show ip arp inspection statistics	92
12.9 clear ip arp inspection statistics	92
Chapter 13 DoS Defend Commands	93
13.1 ip dos-prevent	93
13.2 ip dos-prevent type	93
13.3 show ip dos-prevent	94
Chapter 14 System Log Commands	95
14.1 logging buffer	95
14.2 logging buffer level	95
14.3 logging file flash	96
14.4 logging file flash frequency	97
14.5 logging file flash level	97
14.6 logging host index	98
14.7 logging monitor	99
14.8 logging monitor level	99
14.9 clear logging	100
14.10 show logging local-config	100
14.11 show logging loghost	101
14.12 show logging buffer	101
14.13 show logging flash	102
Chapter 15 SSH Commands	103
15.1 ip ssh server	103
15.2 ip ssh version	103
15.3 ip ssh algorithm	104
15.4 ip ssh timeout	104
15.5 ip ssh max-client	105
15.6 ip ssh download	105
15.7 remove public-key	106
15.8 show ip ssh	107
Chapter 16 IEEE 802.1X Commands	108
16.1 dot1x system-auth-control	108
16.2 dot1x handshake	108
16.3 dot1x auth-method	109
16.4 dot1x guest-vlan(global)	110
16.5 dot1x quiet-period	110
16.6 dot1x timeout	111
16.7 dot1x max-reauth-req	112
16.8 dot1x	112
16.9 dot1x guest-vlan(interface)	113
16.10 dot1x port-control	113
16.11 dot1x port-method	114
16.12 radius	115
16.13 radius server-account	116
16.14 show dot1x global	117
16.15 show dot1x interface	117
16.16 show radius accounting	118
16.17 show radius authentication	118
Chapter 17 MAC Address Commands	119
17.1 mac address-table static	119
17.2 mac address-table aging-time	120
17.3 mac address-table filtering	120
17.4 mac address-table max-mac-count	121
17.5 show mac address-table	122
17.6 show mac address-table aging-time	123
17.7 show mac address-table max-mac-count	123
17.8 show mac address-table interface	124
17.9 show mac address-table count	124
17.10 show mac address-table address	125
17.11 show mac address-table vlan	125
Chapter 18 System Configuration Commands	126
18.1 system-time manual	126
18.2 system-time ntp	126
18.3 system-time dst predefined	128
18.4 system-time dst date	129
18.5 system-time dst recurring	130
18.6 hostname	131
18.7 location	131
18.8 contact-info	132
18.9 ip address	132
18.10 ip address-alloc	133
18.11 reset	134
18.12 reboot	134
18.13 copy running-config startup-config	135
18.14 copy startup-config tftp	135
18.15 copy tftp startup-config	136
18.16 boot application	137
18.17 remove backup-image	137
18.18 firmware upgrade	138
18.19 ping	139
18.20 tracert	140
18.21 show system-info	141
18.22 show image-info	141
18.23 show boot	141
18.24 show running-config	142
18.25 show startup-config	142
18.26 show system-time	143
18.27 show system-time dst	143
18.28 show system-time ntp	143
18.29 show cable-diagnostics interface gigabitEthernet	144
18.30 show cpu-utilization	144
18.31 show memory-utilization	145
Chapter 19 IPv6 Address Configuration Commands	146
19.1 ipv6 enable	146
19.2 ipv6 address autoconfig	146
19.3 ipv6 address link-local	147
19.4 ipv6 address dhcp	147
19.5 ipv6 address ra	148
19.6 ipv6 address eui-64	149
19.7 ipv6 address	149
19.8 show ipv6 interface	150
Chapter 20 Ethernet Configuration Commands	151
20.1 interface gigabitEthernet	151
20.2 interface range gigabitEthernet	151
20.3 interface ten-gigabitEthernet	152
20.4 interface range ten-gigabitEthernet	152
20.5 description	153
20.6 shutdown	154
20.7 flow-control	154
20.8 duplex	155
20.9 jumbo	155
20.10 speed	156
20.11 storm-control pps	157
20.12 storm-control	157
20.13 bandwidth	158
20.14 clear counters	159
20.15 show interface status	159
20.16 show interface counters	160
20.17 show interface configuration	160
20.18 show storm-control	161
20.19 show bandwidth	162
Chapter 21 QoS Commands	163
21.1 qos	163
21.2 qos dscp	163
21.3 qos queue cos-map	164
21.4 qos queue dscp-map	165
21.5 qos queue mode	166
21.6 qos queue weight	167
21.7 show qos interface	168
21.8 show qos cos-map	169
21.9 show qos dscp-map	169
21.10 show qos queue mode	169
21.11 show qos status	170
Chapter 22 Port Mirror Commands	171
22.1 monitor session destination interface	171
22.2 monitor session source interface	172
22.3 show monitor session	173
Chapter 23 Port Isolation Commands	174
23.1 port isolation	174
23.2 show port isolation interface	175
Chapter 24 Loopback Detection Commands	176
24.1 loopback-detection(global)	176
24.2 loopback-detection interval	176
24.3 loopback-detection recovery-time	177
24.4 loopback-detection(interface)	177
24.5 loopback-detection config	178
24.6 loopback-detection recover	179
24.7 show loopback-detection global	179
24.8 show loopback-detection interface	180
Chapter 25 ACL Commands	181
25.1 access-list create	181
25.2 mac access-list	181
25.3 access-list standard	182
25.4 access-list extended	183
25.5 rule	184
25.6 access-list policy name	185
25.7 access-list policy action	185
25.8 access-list bind acl	186
25.9 access-list bind(interface)	186
25.10 access-list bind(vlan)	187
25.11 show access-list	187
25.12 show access-list policy	188
25.13 show access-list bind	188
Chapter 26 MSTP Commands	189
26.1 debug spanning-tree	189
26.2 spanning-tree(global)	190
26.3 spanning-tree(interface)	190
26.4 spanning-tree common-config	191
26.5 spanning-tree mode	192
26.6 spanning-tree mst configuration	192
26.7 instance	193
26.8 name	194
26.9 revision	194
26.10 spanning-tree mst instance	195
26.11 spanning-tree mst	195
26.12 spanning-tree priority	196
26.13 spanning-tree tc-defend	197
26.14 spanning-tree timer	197
26.15 spanning-tree hold-count	198
26.16 spanning-tree max-hops	199
26.17 spanning-tree bpdufilter	199
26.18 spanning-tree bpduguard	200
26.19 spanning-tree guard loop	200
26.20 spanning-tree guard root	201
26.21 spanning-tree guard tc	201
26.22 spanning-tree mcheck	202
26.23 show spanning-tree active	203
26.24 show spanning-tree bridge	203
26.25 show spanning-tree interface	203
26.26 show spanning-tree interface-security	204
26.27 show spanning-tree mst	205
Chapter 27 IGMP Snooping Commands	206
27.1 ip igmp snooping(global)	206
27.2 ip igmp snooping(interface)	206
27.3 ip igmp snooping rtime	207
27.4 ip igmp snooping mtime	207
27.5 ip igmp snooping report-suppression	208
27.6 ip igmp snooping immediate-leave	208
27.7 ip igmp snooping drop-unknown	209
27.8 ip igmp snooping last-listener query-inteval	209
27.9 ip igmp snooping last-listener query-count	210
27.10 ip igmp snooping vlan-config	210
27.11 ip igmp snooping multi-vlan-config	212
27.12 ip igmp snooping querier vlan	213
27.13 ip igmp snooping querier vlan (general query)	213
27.14 ip igmp snooping max-groups	214
27.15 ip igmp profile	215
27.16 deny	216
27.17 permit	216
27.18 range	216
27.19 ip igmp filter	217
27.20 clear ip igmp snooping statistics	218
27.21 show ip igmp snooping	218
27.22 show ip igmp snooping interface	218
27.23 show ip igmp snooping vlan	219
27.24 show ip igmp snooping multi-vlan	220
27.25 show ip igmp snooping groups	220
27.26 show ip igmp snooping querier	221
27.27 show ip igmp profile	222
Chapter 28 MLD Snooping Commands	223
28.1 ipv6 mld snooping(global)	223
28.2 ipv6 mld snooping(interface)	223
28.3 ipv6 mld snooping rtime	224
28.4 ipv6 mld snooping mtime	224
28.5 ipv6 mld snooping report-suppression	225
28.6 ipv6 mld snooping immediate-leave	225
28.7 ipv6 mld snooping drop-unknown	226
28.8 ipv6 mld snooping last-listener query-inteval	226
28.9 ipv6 mld snooping last-listener query-count	227
28.10 ipv6 mld snooping vlan-config	227
28.11 ipv6 mld snooping multi-vlan-config	228
28.12 ipv6 mld snooping querier vlan	230
28.13 ipv6 mld snooping querier vlan (general query)	230
28.14 ipv6 mld snooping max-groups	231
28.15 ipv6 mld profile	232
28.16 deny	233
28.17 permit	233
28.18 range	233
28.19 ipv6 mld filter	234
28.20 clear ipv6 mld snooping statistics	235
28.21 show ipv6 mld snooping	235
28.22 show ipv6 mld snooping interface	235
28.23 show ipv6 mld snooping vlan	236
28.24 show ipv6 mld snooping multi-vlan	237
28.25 show ipv6 mld snooping groups	237
28.26 show ipv6 mld snooping querier	238
28.27 show ipv6 mld profile	238
Chapter 29 SNMP Commands	239
29.1 snmp-server	239
29.2 snmp-server view	239
29.3 snmp-server group	240
29.4 snmp-server user	241
29.5 snmp-server community	243
29.6 snmp-server host	243
29.7 snmp-server engineID	245
29.8 snmp-server traps snmp	246
29.9 snmp-server traps link-status	247
29.10 snmp-server traps	247
29.11 snmp-server traps mac	248
29.12 snmp-server traps vlan	249
29.13 rmon history	250
29.14 rmon event	251
29.15 rmon alarm	252
29.16 rmon statistics	253
29.17 show snmp-server	254
29.18 show snmp-server view	254
29.19 show snmp-server group	255
29.20 show snmp-server user	255
29.21 show snmp-server community	255
29.22 show snmp-server host	256
29.23 show snmp-server engineID	256
29.24 show rmon history	257
29.25 show rmon event	257
29.26 show rmon alarm	258
29.27 show rmon statistics	258
Chapter 30 ARP Commands	259
30.1 arp	259
30.2 clear arp-cache	259
30.3 arp timeout	260
30.4 show arp	260
30.5 show ip arp (interface)	261
30.6 show ip arp summary	261
Chapter 31 Static Routes Commands	263
31.1 interface vlan	263
31.2 interface loopback	263
31.3 switchport	264
31.4 shutdown	264
31.5 ip route	265
31.6 description	265
31.7 show interface vlan	266
31.8 show ip interface	266
31.9 show ip interface brief	267
31.10 show ip route	267
31.11 show ip route specify	268