Home
Главная
Qtech
Коммутаторы
QSW-3200-28T
Руководство пользователя Страница: 60

Qtech QSW-3200-28T Руководство пользователя онлайн [60/136] 481609

+7(495) 797-3311www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

no access-list { all | { access-list-number | name access-list-name } [ subitem ] }

Use access-list command repeatedly to define more rules for the same ACL.

If parameter time-range is not used, this ACL will be effective at any time after activation.

Concrete parameter meaning refers to corresponded command line.

(2) Define standard ACL with name ID.

Standard ACL with name ID is using name ID to identify standard ACL.

Instruction:

Defining standard ACL with name ID should enter specified configuration mode: use access-

list standard in global configuration mode which can specify matching order of ACL. Use exit

command to be back from this mode.

Use following commands to define standard ACL with name ID. Configure it incorresponded

mode.

Command:

Enter standard ACL with name ID configuration mode (global configuration mode)

access-list standard name [ match-order { config | auto } ]

Defining standard ACL rule (standard ACL with name ID configuration mode)

{ permit | deny } { source-addr source-wildcard | any } [ fragments ] [ time-range time-range-

name ]

Delete all the subitems or one subitem in one ACL with number ID or name ID or all ACLs.

(global configuration mode)

no access-list { all | { access-list-number | name access-list-name } [ subitem ] }

Use { permit | deny } command repeatedly to define more rules for the same ACL. Specifying

matching order cannot be modified.

By default, the matching order is user configured order (config).

Concrete parameter meaning refers to corresponded command line.

 Define extended ACL

Switch can defaine at most 100 extended ACL with the number ID (the number is in the range

of 100 to 199), at most 1000 extended ACL with the name ID and totally 3000 sub-rules. It can

define 128 sub-rules for an ACL (this rule can suit both ACL with name ID and number ID).

Extended ACL classifies data packet according to the source IP, destination IP, used TCP or

UDP interface number, packet priority information of IP head of data packet and analyse the

matching data packet. Extended ACL supports three types of packet priority handling:

TOS(Type Of Service) priority, IP priority and DSCP. The construction of IP head refers to

RFC791.

(1) Define extended ACL with number ID

Extended ACL based on number ID is using number to be ID of extended ACL. Use following

command to define extended ACL based on number ID.

Configure it in global configuration mode.

Define extended ACL based on number ID

access-list access-list-number2 { permit | deny } [ protocol ] [ established ] { source-addr

source-wildcard | any } [ port [ portmask ] ] { dest-addr dest-wildcard | any } [ port [ portmask ] ]

[ icmp-type [ icmp-code ] ] [ fragments ] { [ precedence precedence ] [ tos tos ] | [ dscp dscp ] }

[ time-range time-range-name ]

Define the matching order of ACL

access-list access-list-number match-order { config | auto }

Delete all the subitems or one subitem in one ACL with number ID or name ID or all ACLs.

no access-list { all | { access-list-number | name access-list-name } [ subitem ] }

Use access-list command repeatedly to define more rules for the same ACL.

Qtech QSW-3200-28T Руководство пользователя онлайн [60/136] 481609

Содержание

Похожие устройства