Specifications
Security Configuration Command Set
Configuring Access Lists
14-104 Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide
14.3.7.3 access-list (extended)
Use this command to define an extended IP access list by number when operating in router mode.
Restrictions defined by an access list are applied by using the ip access-group command as
described in Section 14.3.7.4.
access-list access-list-number [insert | replace entry] | [move destination source1
[source2]] {deny | permit} protocol source [source-wildcard] [operator [port]]
destination [destination-wildcard] [operator [port]] [icmp-type [icmp-code]
To insert or replace an ACL entry:
access-list access-list-number insert | replace entry
To move entries within an ACL:
access-list access-list-number move destination source1 [source2]
To apply ACL restrictions to IP, UDP, TCP or ICMP packets:
access-list access-list-number {deny | permit} protocol source [source-wildcard]
[operator [port]] destination [destination-wildcard] [operator [port]] [icmp-type
[icmp-code]
Syntax Description
ROUTER: These commands can be executed when the device is in router mode only.
For details on how to enable router configuration modes, refer to Section 3.3.3.
NOTE: Valid access-list-numbers for extended ACLs are 100 to 199. For standard
ACLs, valid values are 1 to 99.
access-list-number Specifies an extended access list number. Valid values are
from 100 to 199.
insert | replace
entry
(Optional) Inserts this new entry before a specified entry in
an existing ACL, or replaces a specified entry with this new
entry.