Manualshelf

mac

ManualsBrandsip ManualsNetworkingipv6
371372373374375376377378379380
379
system expressed by decimal‘s numbers with four-point separated, reverse mask;
destination-host-ip, destination No. of destination network or host to which packets are
delivered. Numbers of 32-bit binary system with dotted decimal notation expression; host:
means the address is that the destination host address, otherwise the network IP address;
destination-wildcard: mask of destination. I Numbers of 32-bit binary system expressed
by decimal‘s numbers with four-point separated, reverse mask; s-port(optional): means
the need to match TCP/UDP source port; port1(optional): value of TCP/UDP source
interface No., Interface No. is an integer from 0-65535; <sPortMin>, the down boundary
of source port; <sPortMax>, the up boundary of source port; d-port(optional): means
need to match TCP/UDP destination interface; port3(optional): value of TCP/UDP
destination interface No., Interface No. is an integer from 0-65535; <dPortMin>, the down
boundary of destination port; <dPortMax>, the up boundary of destination port; [ack] [fin]
[psh] [rst] [urg] [syn], (optional) only for TCP protocol, multi-choices of tag positions are
available, and when TCP data reports the configuration of corresponding position, then
initialization of TCP data report is enabled to form a match when in connection;
precedence (optional) packets can be filtered by priority which is a number from 0-7; tos
(optional) packets can be filtered by service type which ia number from 0-15; icmp-type
(optional) ICMP packets can be filtered by packet type which is a number from 0-255;
icmp-code (optional) ICMP packets can be filtered by packet code which is a number
from 0-255; igmp-type (optional) ICMP packets can be filtered by IGMP packet name or
packet type which is a number from 0-255; <time-range-name>, name of time range.
Command Mode: Name extended MAC-IP access-list configuration mode
Default: No access-list configured.
Examples: Deny the passage of UDP packets with any source MAC address and
destination MAC address, any source IP address and destination IP address, and source
port 100.
Switch(config)# mac-ip-access-list extended macIpExt
Switch(Config-MacIp-Ext-Nacl-macIpExt)# deny any-source-mac any-destination-mac
udp any-source s-port 100 any-destination
24.26 show access-lists
Command: show access-lists [<num>|<acl-name>]
Functions: Reveal ACL of configuration.
Parameters: <acl-name>, specific ACL name character string; <num>, specific ACL No.
Default: None.
Command Mode: Admin Mode