1.标准ACL和扩展ACL
Standard ACLs
Standard ACLs can be used to permit or deny traffic only from source IPv4 addresses. The destination of the packet and the ports involved are not evaluated. The example in Figure 1 allows all traffic from the 192.168.30.0/24 network. Because of the implied "deny any" at the end, all other traffic is blocked with this ACL. Standard ACLs are created in global configuration mode.
Extended ACLs
Extended ACLs filter IPv4 packets based on several attributes:
- Protocol type
- Source IPv4 address
- Destination IPv4 address
- Source TCP or UDP ports
- Destination TCP or UDP ports
- Optional protocol type information for finer control
2.acl中的any和host
3.命名acl的配置
4.扩展的acl
5.针对端口号的acl
6.ipv6的acl
http://cisco.sdut.edu.cn/old/course/RouteSwitch_en/#9.5.1.2