interface {dialer| loopback| fastethernet| tunnel|vlan} |
|
|
Enter the Dialer, Loopback, FastEthernet, Tunnel or VLAN interface configuration context |
|
ip access-group |
|
Activate a specific Access Control list, for a specific direction, on the current interface |
|
ip simulate |
|
Test the action of a policy on a simulated packet |
|
show ip access-control-list |
|
Display the attributes of a specific access control list or of all access control lists on the current interface |
ip access-control-list |
|
|
Enter configuration mode for the specified policy access control list, and create the list if it does not exist |
|
cookie |
|
Set the cookie for the current list |
|
ip-fragments-in |
|
Specify the action taken on incoming IP fragmentation packets for the current access control list |
|
ip-option-in |
|
Specify the action taken on incoming packets carrying an IP option for the current access control list |
|
ip-rule |
|
Enter configuration mode for a specified policy rule or, if the rule doesn’t exist, create it and enter its configuration mode |
|
|
composite- operation |
Assign the specified composite operation to the current rule |
|
|
destination-ip |
Apply the current rule to packets with the specified destination IP address |
|
|
dscp |
Apply the current rule to packets with the specified DSCP value |
|
|
fragment |
Apply the current rule for non-initial fragments only |
|
|
icmp |
Apply the current rule to a specific type of ICMP packet |
|
|
ip-protocol |
Apply the current rule to packets with the specified IP protocol |
|
|
show composite- operation |
Display the parameters of the composite operation assigned to the current rule |
|
|
show ip-rule |
Display the attributes of the current rule |
|
|
source-ip |
Apply the current rule to packets from the specified source IP address |
|
|
tcp destination-port |
Apply the current rule to TCP packets with the specified destination port |
|
|
tcp established |
Apply the current rule only to packets that are part of an established TCP session |
|
|
tcp source-port |
Apply the current rule to TCP packets from ports with specified source port |
|
|
udp destination-port |
Apply the rule to UDP packets with the specified destination port |
|
|
udp source-port |
Apply the rule to UDP packets from the specified source port |
|
name |
|
Assign a name to the current list |
|
owner |
|
Specify the owner of the current list |
|
show composite- operation |
|
Display the composite operations configured for the list |
|
show ip-rule |
|
Display the rules configured for the current list attributes of a specific rule |
|
show list |
|
Display the attributes of the current list, including its rules |
ip policy-list- copy |
|
|
Copy an existing policy list to a new list |
show ip access-control-list |
|
|
Display the attributes of a specific access control list or of all access control lists |
