Access List

Access List - ACL

Рет қаралды 8

Күн бұрын

Sobók ibár mouzú óiyede, Cisco router ókkol ór bútore routing'r rasta ókkol'r qanoon kengóri bana.
Standard ACL or Séthín ókkol:
========================
Uggwá Kompiyuthar Bongoribar Séthín
---------------------------------------------------------------
R1(Config)# do show access-list
R1(Config)# ip access-list standard 1
R1(config-std-nacl)# deny host 192.168.1.11
R1(config-std-nacl)# permit any
R1(config-std-nacl)# exit
R1(config)# interface GigabitEthernet0/0/1
R1(config-if)# ip access-group 1 in
R1(Config-if)# do show access-list
R1(config-if)# do wr
Uggwá Nethwaák Bongoribar Séthín
-----------------------------------------------------------
R1(Config)# ip access-list standard 2
R1(config-std-nacl)# deny 192.168.1.0 0.0.0.255
R1(config-std-nacl)# permit any
R1(config-std-nacl)# exit
R1(config)# interface GigabitEthernet0/0/1
R1(config-if)# ip access-group 2 in
R1(Config-if)# do show access-list
R1(config-if)# do wr
Extended ACL or Séthín ókkol:
========================
Ekkán hás rasta bongoribar séthín
-------------------------------------------------------
R1(Config)# ip access-list extended BLOCK-WWW-PC0
R1(config-std-nacl)# deny tcp host 192.168.1.11 host 192.168.3.13 eq www
R1(config-std-nacl)# permit ip any any
R1(Config)# interface gigabitethernet0/0/1
R1(Config-if)# ip access-group BLOCK-WWW-PC0 IN
R1(Config-if)# do show access-list
R1(Config-if)# do wr
Ekkán hás rasta't siríf Ping bongoribar séthín
-------------------------------------------------------------------------
R1(Config)# ip access-list extended BLOCK-PING
R1(Config-ext-nacl)# deny icmp 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
R1(Config-ext-nacl)# permit ip any any
R1(Config-ext-nacl)# interface g0/0/1
R1(Config-if)# ip access-group BLOCK-PING in
R1(Config-if)# exit
R1(config)# do wr
Uggwá hás kompiyuthar ot siríf Ping bongoribar séthín
----------------------------------------------------------------------------------------
R1(Config)# ip access-list extended BLOCK-PING-PC1
R1(Config-ext-nacl)# deny icmp 192.168.2.11 0.0.0.0 host 192.168.3.13
R1(Config-ext-nacl)# permit ip any any
R1(Config-ext-nacl)# interface g0/0/1
R1(Config-if)# ip access-group BLOCK-PING-PC1 in
R1(config-if)# do wr
Tarfor'r sóbok.
Mozíd súal juab ólla nisor sáith oré ziyarot goró.
www.haroonyousu...