ACL Commands
OL-32830-01 Command Line Interface Reference Guide
4.2
permit ( IP )
Use the permit IP Access-list Configuration mode command to set permit
conditions for an IPv4 access list (ACL). Permit conditions are also known as
access control entries (ACEs). Use the no form of the command to remove the
access control entry.
Syntax
protocol {any | source source-wildcard} {any | destination
permit
destination-wildcard} [
[
time-range-name]
time-range
[log-input]
icmp {any | source source-wildcard} {any | destination destination-wildcard}
permit
[any | icmp-type] [any | icmp-code]] [
precedence number] [
[log-input]
igmp {any | source source-wildcard} {any | destination
permit
destination-wildcard}[igmp-type] [
precedence number] [
[log-input]
{any | source source-wildcard} {any| s ource-port/port-range}{any |
permit tcp
destination destination-wildcard} {any| d estination-port/port-range} [
priority] [dscp number | precedence number] [match-all list-of-flags] [
time-range-name]
[log-input]
{any | source source-wildcard} {any| s ource-port/port-range} {any |
permit udp
destination destination-wildcard} {any| d estination-port/port-range} [
priority] [dscp number | precedence number] [
[log-input]
protocol {any | source source-wildcard} {any | destination
no permit
destination-wildcard} [dscp number | precedence number][
time-range-name]
[log-input]
icmp {any | source source-wildcard} {any | destination
no permit
destination-wildcard} [any | icmp-type] [any | icmp-code]] [dscp number |
precedence number][
priority] [dscp number | precedence number]
ace-priority
ace-priority
time-range-name]
time-range
ace-priority
time-range-name]
time-range
time-range
time-range-name]
priority] [dscp number |
priority] [dscp number |
time-range-name]
time-range
time-range
4
ace-priority
time-range
ace-priority
112