|
access-list 101 deny tcp 192.168.14.0 0.0.0.255 any eq
80
|
To define an extended IP access list, use the extended version of the
access-list
global configuration command. Extended ACLs
check the source and destination packet addresses as well as being able to
check for protocols and port numbers. |
access-list
access-list-number
[
dynamic
dynamic-name
[
timeout
]] {
deny
|
permit
}
protocol source source-wildcard
destination destination-wildcard [precedence precedence
] [
tos
tos
]
[
log
|
log-input
] |
