User's Manual
Table Of Contents
- Contents
- About This Guide
- 1. About the FrameSaver SLV
- 2. User Interface and Basic Operation
- 3. Configuration Procedures
- 4. Configuration Options
- Using the Easy Install Feature
- Using RIP with FrameSaver SLV CSU/DSUs
- Entering System Information and Setting the System Clock
- Setting Up the Modem
- Setting Up Auto-Configuration
- Setting Up Dial Backup
- PVC Backup Over the Network Interface
- Setting Up Back-to-Back Operation
- Configuration Option Tables
- Configuring the Overall System
- Configuring Physical Interfaces
- Assigning Time Slots/Cross Connections
- Configuring Frame Relay for an Interface
- Manually Configuring DLCI Records
- Configuring PVC Connections
- Configuring the IP Path List
- Setting Up Management and Communication Options
- Configuring the Criteria for Automatic Backup
- 5. Configuring the FrameSaver SLV Router
- FrameSaver SLV Router Overview
- IP Routing
- Address Resolution Protocol
- Proxy ARP
- Interface Configuration
- Network Address Translation
- Network Address Port Translation
- Dynamic Host Configuration Protocol Server
- DHCP Relay Agent
- Router Security
- Provisioning the Router Interface
- Configuring the Router Using Terminal Emulation
- 6. Security and Logins
- 7. Operation and Maintenance
- 8. Troubleshooting
- 9. Setting Up OpenLane for FrameSaver Devices and Activating SLM Features
- 10. Setting Up NetScout Manager Plus for FrameSaver Devices
- 11. Setting Up Network Health for FrameSaver Devices
- A. Menu Hierarchy
- B. SNMP MIBs and Traps, and RMON Alarm Defaults
- C. Router CLI Commands, Codes, and Designations
- D. Router Command Line Summaries and Shortcuts
- E. Connectors, Cables, and Pin Assignments
- F. Technical Specifications
- G. Equipment List
- Index
C. Router CLI Commands, Codes, and Designations
9128-A2-GB20-80 September 2002
C-19
Filter (access-list) Commands
Filter commands are used to create or delete Access Lists.
Table C-11. Filter Commands (1 of 4)
access-list
access-list-num
[{
permit
|
deny
}
{{
source-ip
[
source-wildcard
] |
any
|
host
source-host-ip
} |
{
protocol
{
source-ip
source-wildcard
|
any
|
host
source-host-ip
}
[
src-operator
src-port
[
src-end-port
] ]
{
dest-ip
dest-wildcard
|
any
|
host
dest-host-ip
}
[ [
icmp-msg-type
[
icmp-msg-code
] ] |
[
dest-operator
dest-port
[
dest-end-port
] ] ] }|
{
type-code
[
range
end-type-code
] } }
no
access-list
access-list-num
[{
permit
|
deny
}
{{
source-ip
[
source-wildcard
] |
any
|
host
source-host-ip
} |
{
protocol
{
source-ip
source-wildcard
|
any
|
host
source-host-ip
}
[
src-operator
src-port
[
src-end-port
] ]
{
dest-ip
dest-wildcard
|
any
|
host
dest-host-ip
}
[ [
icmp-msg-type
[
icmp-msg-code
] ] |
[
dest-operator
dest-port
[
dest-end-port
] ] ] } |
{
type-code
[
range
end-type-code
] } }
Minimum Access Level:
Administrator
Command Mode:
config
Allows a user to create or delete a rule for an access list. Access lists default to an implicit
deny statement for everything. Access lists are terminated by an implicit deny.
access-list-num
– The access list number. Valid ranges for access lists are:
1–99
– Standard IP access lists.
100–199
– Extended IP access lists.
200–299
– Protocol type-code access lists.
permit
– Specifies to permit access and forward packets matching the criteria.
deny
– Specifies to deny access and discard packets matching the criteria.
For Standard IP Access Lists:
Example:
access-list 1 permit 10.1.1.1
source-ip
– The source IP Address to match.
source-wildcard
– Specifies a 32-bit wildcard mask indicating the bit positions in the
source IP address to ignore during matches. This argument must be supplied when a
source-ip address is specified.
any
– Specifies to match any source host. A source-ip of 0.0.0.0 and a source-wildcard
of
255.255.255.255 are specified.
host
– Specify a single host source address to match.
source
-
host-ip
– The source host IP address to match.
(Continued on next page)