For all matched packets, a message is sent to the console, the buffer, or to a syslog server. The message
includes the ACL number, a notification of whether the packet was permitted or denied, the source address, and
the number of packets.
Note
Fields represented by {} brackets are mandatory in the command syntax. Fields represented by []
brackets are optional.
In all Cisco IOS Software releases, the standard access-list-number can be anything from 1 to 99 or the
expanded range 1300 to 1999, as shown in Table 2-6. Example 2-2 shows a standard numbered ACL allowing
access to hosts on the two specified networks. The wildcard bits apply to the host portions of the network
addresses. Traffic from any host with a source address that does not match the ACL criteria will be dropped
because of the implicit deny.
Example 2-2. Standard Numbered ACL Example
Router(config)# access-list 1 permit 192.16.1.0 0.0.0.255
Router(config)# access-list 1 permit 139.65.0.0 0.0.255.255
(Note: implicit deny)
Tip
A source/source-wildcard setting of 0.0.0.0/255.255.255.255 can be specified as any. The wildcard can
be omitted if it is all zeros. Therefore, 10.1.1.1 0.0.0.0 is the same as host 10.1.1.
Pages:
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91