Главная
Skipped breadcrumb items
QSW-8200-52T-AC
Команды для функции безопасности Страница: 22

Главная
Qtech
QSW-8200-52T-AC
Команды для функции безопасности Страница: 22

Qtech QSW-8200-52T-AC — руководство пользователя по командам ACL для управления доступом [22/114]

Превью страниц Страница 22 / 114

Qtech QSW-8200-28F-AC [22/114] Permit deny ip standard

User Manual

Chapter 1. Commands for ACL 22

www.qtech.ru

o [no] {deny | permit} udp {{ <sIpAddr> <sMask> } | any-source | {host-source

<sIpAddr> }} [s-port { <sPort> | range <sPortMin> <sPortMax> }] {{ <dIpAddr>

<dMask> } | any-destination | {host-destination <dIpAddr> }} [d-port { <dPort>

| range <dPortMin> <dPortMax> }] [precedence <prec> ] [tos <tos> ][time-

range<time-range-name> ]

o [no] {deny | permit} {eigrp | gre | igrp | ipinip | ip | ospf | <protocol-num>}

{{<sIpAddr> <sMask>} | any-source | {host-source <sIpAddr>}} {{<dIpAddr>

<dMask>} | any-destination | {host-destination <dIpAddr>}} [precedence

<prec>] [tos <tos>][time-range<time-range-name>]

 Functions: Create a name extended IP access rule to match specific IP protocol or all IP

protocol.

 Parameters: <sIpAddr> is the source IP address, the format is dotted decimal notation;

<sMask > is the reverse mask of source IP, the format is dotted decimal notation;

<dIpAddr> is the destination IP address, the format is dotted decimal notation;

<dMask> is the reverse mask of destination IP, the format is dotted decimal notation,

attentive position o, ignored position 1; <igmp-type>, the type of igmp, 0-15; <icmp-

type>, the type of icmp, 0-255 ; <icmp-code>, protocol No. of icmp, 0-255; <prec>, IP

priority, 0-7; <tos>, to value, 0-15; <sPort>, source port No., 0-65535; <sPortMin>, the

down boundary of source port; <sPortMax>, the up boundary of source port; <dPort>,

destination port No. 0-65535; <dPortMin>, the down boundary of destination port;

<dPortMax>, the up boundary of destination port; <time-range-name>, time range

name.

 Command Mode: Name extended IP access-list configuration mode

 Default: No access-list configured.

 Examples: Create the extended access-list, deny icmp packet to pass, and permit udp

packet with destination address 192. 168. 0. 1 and destination port 32 to pass.

 Switch(config)# access-list ip extended udpFlow

 Switch(Config-IP-Ext-Nacl-udpFlow)#deny igmp any any-destination

 Switch(Config-IP-Ext-Nacl-udpFlow)#permit udp any host-destination 192.168.0.1 d-

port 32

1.22 permit | deny(ip standard)

 Command: {deny | permit} {{<sIpAddr> <sMask>} | any-source | {host-source

<sIpAddr>}}

 no {deny | permit} {{<sIpAddr> <sMask>} | any-source | {host-source

<sIpAddr>}}

 Functions: Create a name standard IP access rule, and “no {deny | permit} {{<sIpAddr>

<sMask>} | any-source | {host-source <sIpAddr>}}” action of this command deletes

this name standard IP access rule.

 Parameters: <sIpAddr> is the source IP address, the format is dotted decimal notation;

<sMask > is the reverse mask of source IP, the format is dotted decimal notation.

Qtech QSW-8200-52T-AC — руководство пользователя по командам ACL для управления доступом [22/114]

Содержание

Похожие устройства