Enterasys Networks XSR CLI Router User Manual


  Open as PDF
of 684
 
General Security Commands
XSR CLI Reference Guide 16-87
Syntax
access-list list# [[{insert | replace | move}] [{entry# destination source1
[source2]]}{deny | permit}{log} {srcIpAddr [srcWildCardBits]| host srcIpAddr |
any}
Syntax of the “no” Form
Thenoformofthiscommandremovesthedefinedaccesslistorentries(oneormore)inalist:
no access-list list-number [ent1 [ent2]]
Mode
Globalconfiguration:XSR(config)#
Default
Noaccesslistdefined(allaccesspermitted)
list#
Standardaccesslistnumberrangingfrom1to99.
insert
Newaccessentryisinsertedbeforeanexistingentry#inanACL.Theshow
access-list
commandsequentiallynumbersentriesforthispurpose.
replace
Sameasabove,exceptthenewaccessentryreplacesanentry#intheexisting
ACL(theentry#mustalreadyexist.)
move
MovesasequenceofACLentriesinfrontofanotherentry.
entry#
SequentialentrynumberinACLtoadd/deleterangingfrom1to999.
destination
Positionbeforewhichentriesaretobemoved.Range:1999.
source1
SequentialnumberoffirstACLentrytomove.Range:1999.
source2
SequentialnumberoflastACLentrytomove.Range:1999.
deny
Deniesaccessifspecifiedconditionsaremet.
permit
Permitsaccessifconditionsmet.
log
EnablesalarmloggingandreportingofsourceIPaddressesforconfiguredACL
entries.
srcIpAddr
IdentifiesthesourcebyIPaddress.
srcWildCard
Bits
Bitstoignoreinthesourceaddress.Amaskof0.0.0.225impliesonlythemost
importantbitsofthesourceaddressareconsidered.
host
Marksonlytheexactsourceaddressmatchingthecondition.Sameas
srcWildCardBits=0.0.0.0.
any
Marksanysourceaddressmatchingthecondition.SameassrcWildCardBits=
255.255.255.255.
list-number
Thestandardaccesslistnumberrangingfrom1to99.
ent1
Optionalsingleentrynumber,orthefirstentrynumberintherangeto
beremoved.Ifunspecified,theentireACLisremoved.
ent2
Optionallastentrynumberintherangetoberemoved.
 previous next