255
5 permit 10.0.0.44, wildcard bits 0.0.0.255
10 permit 10.0.0.1, wildcard bits 0.0.0.255
15 permit 10.5.5.5, wildcard bits 0.0.0.255
20 permit 10.0.0.2, wildcard bits 0.0.0.255
Con?¬?guring ACLs 237
Named Extended ACL: Deny a Single Host from a Given Subnet
For the network shown in Figure 6-19, you want to create a list named ???troublemaker??? to prevent
traf?¬?c that originates from the host 172.16.4.13 from traveling out Ethernet interface E0.
Figure 6-19 Named Extended ACL Denying a Single Host
The con?¬?guration in Example 6-11 provides a solution for this example.
Table 6-10 describes the command syntax that is presented in Example 6-11.
Example 6-11 Access List Preventing Traf?¬?c from a Speci?¬?c Host
RouterX(config)#iipp aacccceessss--lliisstt ssttaannddaarrdd ttrroouubblleemmaakkeerr
RouterX(config-std-nacl)#ddeennyy hhoosstt 117722..1166..44..1133
RouterX(config-std-nacl)#ppeerrmmiitt 117722..1166..44..00 00..00..00..225555
RouterX(config-std-nacl)#iinntteerrffaaccee ee00
RouterX(config-if)#iipp aacccceessss--ggrroouupp ttrroouubblleemmaakkeerr oouutt
Table 6-10 Named Extended IPv4 ACL Example Denying a Single Host
access-list Command
Parameter Description
standard Indicates that the named ACL is a standard ACL
troublemaker Name of the ACL
deny Indicates that traf?¬?c that matches the selected parameters is not
forwarded
host 172.
Pages:
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361