TP-LINK T1500-28PCT Manual Do Utilizador
113
T1500-28PCT(config)# access-list standard 120 rule 10 permit sip
192.168.0.100
smask 255.255.255.0
access-list extended
Description
The
access-list extended command is used to add Extended-IP ACL rule. To
delete the corresponding rule, please use
no access-list extended command.
Syntax
access-list extended acl-id rule rule-id { deny | permit } [[ sip source-ip ]
smask source-ip-mask ] [[ dip destination-ip] dmask destination-ip-mask ]
[
smask source-ip-mask ] [[ dip destination-ip] dmask destination-ip-mask ]
[
s-port s-port ] [ d-port d-port ] [ protocol protocol ]
no access-list extended acl-id rule rule-id
Parameter
acl-id——The desired Extended-IP ACL for configuration.
rule-id —— The rule ID.
deny —— The operation to discard packets.
permit ——The operation to forward packets. It is the default value.
source-ip —— The source IP address contained in the rule.
source-ip-mask —— The source IP address mask. It is required if you typed the
source IP address.
source IP address.
destination-ip —— The destination IP address contained in the rule.
destination-ip-mask —— The destination IP address mask. It is required if you
typed the destination IP address.
typed the destination IP address.
s-port —— The source port number.
d-port —— The destination port number.
protocol —— Configure the value of the matching protocol.
Command Mode
Global Configuration Mode
Example
Create an Extended-IP ACL whose ID is 220, and add Rule 11 for it. In the rule,
the source IP address is 192.168.0.100, the source IP address mask is
255.255.255.0, and the packets match this rule will be forwarded by the switch:
the source IP address is 192.168.0.100, the source IP address mask is
255.255.255.0, and the packets match this rule will be forwarded by the switch:
T1500-28PCT(config)# access-list create 220