Enterasys Networks 1G58x-09 사용자 설명서
Security Configuration Command Set
Configuring Access Lists
14-92
Command Syntax of the “no” Form
The “no” form of this command removes the defined access list or entry:
no access-list access-list-number [entry]
Command Type
Router command.
Command Mode
Global configuration: Matrix>Router(config)#
Command Defaults
•
If insert, replace or move are not specified, the new entry will be appended to
the access list.
the access list.
•
If source2 is not specified with move, only one entry will be moved.
Examples
This example shows how to allow access to only those hosts on the three specified networks. The
wildcard bits apply to the host portions of the network addresses. Any host with a source address
that does not match the access list statements will be rejected:
wildcard bits apply to the host portions of the network addresses. Any host with a source address
that does not match the access list statements will be rejected:
This example moves entry 16 to the beginning of ACL 144:
14.3.7.3 access-list (extended)
Use this command to define an extended IP access list by number when operating in router mode.
Restrictions defined by an access list are applied by using the ip access-group command as
described in
Restrictions defined by an access list are applied by using the ip access-group command as
described in
access-list access-list-number [insert | replace entry] | [move destination source1
[source2]] {deny | permit} protocol source [source-wildcard] [operator [port]]
destination [destination-wildcard] [operator [port]] [icmp-type [icmp-code]
[established]
[source2]] {deny | permit} protocol source [source-wildcard] [operator [port]]
destination [destination-wildcard] [operator [port]] [icmp-type [icmp-code]
[established]
Matrix>Router(config)#access-list 1 permit 192.5.34.0 0.0.0.255
Matrix>Router(config)#access-list 1 permit 128.88.0.0 0.0.255.255
Matrix>Router(config)#access-list 1 permit 36.0.0.0 0.255.255.255
Matrix>Router(config)#access-list 144 move 1 16