Zhone 5100 참조 매뉴얼
CHAPTER 3
Interfaces
Interfaces
98
Vpacket 5100/6100 Series Reference Manual
Deleting an access control list entry
You can delete an acess list entry by issuing the set acl delete application command. When all of
the access control list entries are deleted, the system no longer performs filtering.
Syntax: set acl delete application <source_ip> <mask> <dest port | application-name
Syntax: set acl delete application <source_ip> <mask> <dest port | application-name
string | all > <protocol | all>
Arguments:
Arguments:
source_ip
a valid source IP address in standard notation
mask
the subnet mask that corresponds to the source IP address
dest port | application |all
a port number in the 0-65535 range; telnet, snmp, or web
protocol
tcp, udp, or all
Example:
In this example, the access control list for PC host 172.45.63.4 is deleted.
Viewing an application access control list
You can view the defined application access control lists by issuing the show acl application
command.
Syntax: show acl application
Example:
Syntax: show acl application
Example:
In this example, two entries are shown. The first entry allows 172.45.63.4 to access SNMP using
either TCP or UDP. The second entry allows 172.169.210.5 to access port 8080 with TCP only.
VPacket# set acl delete application 172.45.63.4 255.255.255.0 snmp all
Acl Static Map Deleted
VPacket#
Number of Application Control List entries defined: 2
Ip Addr Mask Port Protocol
172.45.63.4 255.255.255.0 snmp all
172.169.210.5 255.255.255.0 8080 tcp
VPacket#