16.0.0 IP address that is used with the wildcard mask to identify the source
network
0.0.255.255 Wildcard mask; 0s indicate positions that must match, and 1s indicate
???don??™t care??? positions
ip access-group 1 out Links the ACL to the interface as an outbound ?¬?lter
E1
S0
E0
Non-
172.16.0.0 172.16.4.0
172.16.4.13
172.16.3.0
Con?¬?guring ACLs 225
The con?¬?guration in Example 6-3 provides a solution for this example.
Table 6-3 describes the command syntax that is presented in Example 6-3.
This ACL is designed to block traf?¬?c from a speci?¬?c address, 172.16.4.13, and to allow all other
traf?¬?c to be forwarded on interface Ethernet 0. The 0.0.0.0 255.255.255.255 IP address and
wildcard mask combination permits traf?¬?c from any source. This combination can also be written
using the keyword any.
Example: Numbered Standard IPv4 ACL??”Deny a Speci?¬?c Subnet
In Figure 6-15, the goal is to create a list to prevent traf?¬?c that originates from the subnet
172.16.4.0/24 from traveling out Ethernet interface E0.
Example 6-3 Access List Preventing Traf?¬?c Originating from a Speci?¬?c Host
RouterX(config)# aacccceessss--lliisstt 11 ddeennyy 117722.
Pages:
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344