Specifications

ManualsBrandsDigitalchina Networks ManualsComputer equipmentDCS-3950 series

271

272

273

274

275

276

277

278

279

280

268

DCS-3950 series Ethernet switch manual

Command: [no] {deny | permit} icmp {{<sIpAddr> <sMask>} | any | {host <sIpAddr>}}

{{<dIpAddr> <dMask>} | any-destination | {host-destination <dIpAddr>}}

[<icmp-type> [<icmp-code>]] [precedence <prec>] [tos

<tos>][time-range<time-range-name>]

[no] {deny | permit} igmp {{<sIpAddr> <sMask>} | any | {host <sIpAddr>}}

{{<dIpAddr> <dMask>} | any-destination | {host-destination <dIpAddr>}}

[<igmp-type>] [precedence <prec>] [tos

<tos>][time-range<time-range-name>]

[no] {deny | permit} tcp {{<sIpAddr> <sMask>} | any | {host <sIpAddr>}}

[s-port <sPort>] {{<dIpAddr> <dMask>} | any-destination |

{host-destination <dIpAddr>}} [d-port <dPort>]

[ack+fin+psh+rst+urg+syn] [precedence <prec>] [tos

<tos>][time-range<time-range-name>]

[no] {deny | permit} udp {{<sIpAddr> <sMask>} | any | {host <sIpAddr>}}

[s-port <sPort>] {{<dIpAddr> <dMask>} | any-destination |

{host-destination <dIpAddr>}} [d-port <dPort>] [precedence <prec>] [tos

<tos>][time-range<time-range-name>]

[no] {deny | permit} {eigrp | gre | igrp | ipinip | ip | <int>

} {{<sIpAddr>

<sMask>} | any | {host <sIpAddr>}} {{<dIpAddr> <dMask>} |

any-destination | {host-destination <dIpAddr>}} [precedence <prec>]

[tos <tos>][time-range<time-range-name>]

Functions: Create a name expansion IP access rule to match specific IP protocol or all IP

protocol;

Parameters: <sIpAddr> is the source IP address, the format is dotted decimal notation;

<sMask > is the reverse mask of source IP, the format is dotted decimal notation;

<dIpAddr> is the destination IP address, the format is dotted decimal notation; <dMask>

is the reverse mask of destination IP, the format is dotted decimal notation, attentive

position o, ignored position 1; <igmp-type>, the type of igmp, 0-15; <icmp-type>, the

type of icmp, 0-255 ; <icmp-code>, protocol No. of icmp, 0-255; <prec>, IP priority, 0-7;

<tos>, to value, 0-15; <sPort>, source port No., 0-65535; <dPort>, destination port No.

0-65535; <time-range-name>, time range name

Command mode: Name expansion IP access-list configuration mode

Default: No access-list configured

Usage Guide: None.

Example: Configure the switch to allow packets from the network of 10.1.1.0/24 to be

forwarded, and deny any packets coming from the network of 10.1.1.0/16.

Switch(Config)# ip access-list standard ipFlow

Switch(Config-Std-Nacl-ipFlow)# permit 10.1.1.0 0.0.0.255

Switch(Config-Std-Nacl-ipFlow)# deny 10.1.1.0 0.0.255.255

15.3.2.9 access-list(mac standard)

Command: access-list <num> {deny|permit} {any-source-mac | {host-source-mac

<host_smac> } | {<smac> <smac-mask>} }