Chapter 5 Configuring Access Lists and Filtering GSS Traffic
Filtering GSS Traffic Using Access Lists
Cisco Global Site Selector Administration Guide
OL-5480-01
Adding Rules to an Access List
After you create one or more access lists, you can append rules to them at any
time. Use the access-list command to add a new rule to an existing access list.
For example, to add a new rule to the access list named alist1 to block all traffic
from host 192.168.1.101, enter the following:
gss1.example.com# config
gss1.example.com(config)# access-list alist1 deny tcp host 192.168.1.101
See the “Creating an Access List” section for an explanation of access-list
command syntax.
Use the show access-list command to verify that the rule is added to your access
list.
gss1.example.com(config)# show access-list
access-list:alist1
access-list alist1 permit tcp any destination-port eq 443
access-list alist1 deny tcp host 192.168.1.101
Removing Rules from an Access List
Access lists must contain at least one rule. Removing the last rule from an access
list removes the list itself from the GSS. To remove a rule from an existing access
list, use the no form of the access-list command in global configuration mode.
For example, to remove the rule from the access list named alist1 that blocks all
traffic from host 192.168.1.101, enter the following:
gss1.example.com# config
gss1.example.com(config)# no access-list alist1 deny tcp host 192.168.1.101
See the “Creating an Access List” section for an explanation of access-list
command syntax.
Use the show access-list command to verify that the rule has been removed from
your access list.
gss1.example.com(config)# show access-list
access-list:alist1
access-list alist1 permit tcp any destination-port eq 443
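The verification steps above can also be run offline against saved show access-list output. The following Python is an added example, not part of the Cisco guide: it parses the output, confirms that a rule was added or removed, and flags a planned removal that would delete the list because it targets the last remaining rule. The function names and the sample text are assumptions, and the output is assumed to have the format shown on this page.

```python
"""Added example: audit captured `show access-list` output offline."""

# Constructed sample, in the format this page shows for `show access-list`.
SAMPLE_OUTPUT = """\
access-list:alist1
access-list alist1 permit tcp any destination-port eq 443
access-list alist1 deny tcp host 192.168.1.101
"""


def _norm(text):
    """Collapse runs of whitespace so rules compare reliably."""
    return " ".join(text.split())


def parse_show_access_list(text):
    """Return {list_name: [rule, ...]} with rules kept in display order."""
    lists = {}
    for raw in text.splitlines():
        line = _norm(raw)
        if line.startswith("access-list:"):           # list header line
            lists.setdefault(line.split(":", 1)[1].strip(), [])
        elif line.startswith("access-list "):         # one rule of a list
            parts = line.split(" ", 2)
            if len(parts) == 3:
                lists.setdefault(parts[1], []).append(parts[2])
    return lists


def rule_present(lists, name, rule):
    """True if the rule appears in the named list."""
    return _norm(rule) in lists.get(name, [])


def plan_removal(lists, name, rule):
    """Classify a planned `no access-list <name> <rule>` before entering it."""
    rules = lists.get(name)
    if rules is None:
        return "no-such-list"
    if _norm(rule) not in rules:
        return "rule-not-found"
    # Per the page: removing the last rule removes the list itself.
    return "removes-list" if len(rules) == 1 else "ok"


def verify_removed(before, after, name, rule):
    """True only if the rule is gone and the list's other rules are unchanged."""
    expected = [r for r in before.get(name, []) if r != _norm(rule)]
    return after.get(name, []) == expected
```

Capture the output before and after the change, then pass both parsed results to verify_removed to confirm that only the intended rule changed.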