Cisco Cisco Packet Data Gateway (PDG) Guida Alla Risoluzione Dei Problemi
ACL Configuration Mode Commands
▀ deny/permit (by source ICMP packets)
▄ Cisco ASR 5000 Series Command Line Interface Reference
OL-22948-01
Specifies the rule is either block (deny) or an allow (permit) filter.
: indicates the rule, when matched, drops the corresponding packets.
: indicates the rule, when matched, allows the corresponding packets.
Default: packets are not logged.
Indicates all packets which match the filter are to be logged.
Indicates all packets which match the filter are to be logged.
The IP address(es) form which the packet originated.
This option is used to filter all packets from a specific IP address or a group of IP addresses.
When specifying a group of addresses, the initial address is configured using this option. The range can then
be configured using the
This option is used to filter all packets from a specific IP address or a group of IP addresses.
When specifying a group of addresses, the initial address is configured using this option. The range can then
be configured using the
parameter.
This option is used in conjunction with the
option to specify a group of addresses for
which packets are to be filtered.
The mask must be entered as a complement:
The mask must be entered as a complement:
Zero-bits in this parameter mean that the corresponding bits configured for the
parameter must be identical.
One-bits in this parameter mean that the corresponding bits configured for the
parameter must be ignored.
Important:
The mask must contain a contiguous set of one-bits from the least significant bit (LSB). Therefore,
allowed masks are 0, 1, 3, 7, 15, 31, 63, 127, and 255. For example, acceptable wildcards are 0.0.0.3, 0.0.0.255, and
0.0.15.255. A wildcard of 0.0.7.15 is not acceptable since the one-bits are not contiguous.
0.0.15.255. A wildcard of 0.0.7.15 is not acceptable since the one-bits are not contiguous.
Specifies that the rule applies to all packets.
Specifies that the rule applies to a specific host as determined by its IP address.
The IP address of the source host to filter against expressed in dotted decimal notation.
The IP address of the destination host to filter against expressed in dotted decimal notation.
The IP address(es) to which the packet is to be sent.
This option is used to filter all packets to a specific IP address or a group of IP addresses.
When specifying a group of addresses, the initial address is configured using this parameter. The range can
then be configured using the
This option is used to filter all packets to a specific IP address or a group of IP addresses.
When specifying a group of addresses, the initial address is configured using this parameter. The range can
then be configured using the
parameter.