1 GRE = generic routing encapsulation
2 IGRP = Interior Gateway Routing Protocol
The syntax of the access-list command that is presented here is representative of the TCP protocol form. Not all parameters
and options are given. For the complete syntax of all forms of the command, refer to the appropriate Cisco IOS Software
documentation available at Cisco.com.
Extended ACL with the established Parameter
In Example 6-6, the established parameter of the extended ACL allows responses to traf?¬?c that
originate from the mail host, 128.88.1.2, to return inbound on the serial 0 interface. A match occurs
if the TCP datagram has the ACK or reset (RST) bits set, which indicates that the packet belongs
to an existing connection. Without the established parameter in the ACL statement, the mail host
could only receive SMTP traf?¬?c but not send it.
Table 6-6 Command Parameters for a Numbered Extended ACL
access-list Command
Parameters Description
access-list-number Identi?¬?es the list using a number in the ranges of 100??“199 or 2000??“
2699.
permit | deny Indicates whether this entry allows or blocks the speci?¬?ed address.
protocol IP, TCP, UDP, ICMP, GRE1, or IGRP2.
Pages:
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350