Manualshelf

Specifications

ManualsBrandsDigitalchina Networks ManualsComputer equipmentDCS-3950 series
271272273274275276277278279280
265
DCS-3950 series Ethernet switch manual
such a access-list.
Parameters: <num> is the No. of access-list, 100-199; <protocol> is the No. of
upper-layer protocol of ip, 0-255; <sIpAddr> is the source IP address, the format is
dotted decimal notation; <sMask > is the reverse mask of source IP, the format is dotted
decimal notation; <dIpAddr> is the destination IP address, the format is dotted decimal
notation; <dMask> is the reverse mask of destination IP, the format is dotted decimal
notation, attentive position o, ignored position 1; <igmp-type>, the type of igmp, 0-15;
<icmp-type>, the type of icmp, 0-255 ; <icmp-code>, protocol No. of icmp, 0-255;
<prec>, IP priority, 0-7; <tos>, to value, 0-15; <sPort>, source port No., 0-65535;
<dPort>, destination port No. 0-65535;
<time-range-name>, name of time-range.
Command Mode: Global mode
Default: No access-lists configured.
Usage Guide: When the user assign specific <num> for the first time, ACL of the serial
number is created, then the lists are added into this ACL.
Example: Create the numeric extended access-list whose serial No. is 110. deny icmp
packet to pass, and permit udp packet with destination address 192. 168. 0. 1 and
destination port 32 to pass.
Switch(Config)#access-list 110 deny icmp any-source any-destination
Switch(Config)#access-list 110 permit udp any-source host-destination 192.168.0.1 d-port
32
15.3.2.2 access-list(ip standard)
Command: access-list <num> {deny | permit} {{<sIpAddr> <sMask >} | any| {host
<sIpAddr>}}
no access-list <num>
Functions: Create a numeric standard IP access-list. If this access-list exists, then add a
rule list; the ‘no access-list <num>‘ operation of this command is to delete a numeric
standard IP access-list.
Parameters: <num> is the No. of access-list, 100-199; <sIpAddr> is the source IP
address, the format is dotted decimal notation; <sMask > is the reverse mask of source IP,
the format is dotted decimal notation;
Command mode: Global Mode
Default: No access-lists configured.
Usage Guide: When the user assign specific <num> for the first time, ACL of the serial
number is created, then the lists are added into this ACL.
Example: Create a numeric standard IP access-list whose serial No. is 20, and permit
data packets with source address of 10.1.1.0/24 to pass, and deny other packets with
source address of 10.1.1.0/16.
Switch(Config)#access-list 20 permit 10.1.1.0 0.0.0.255
Switch(Config)#access-list 20 deny 10.1.1.0 0.0.255.255
15.3.2.3 firewall