|
Command or Action |
Purpose |
|
enable
Example:
Router> enable
|
Enables privileged EXEC mode.
- Enter your password if prompted.
|
|
configure terminal
Example:
Router# configure terminal
|
Enters global configuration mode. |
|
ip access-list extended access-list-name
Example:
Router(config)# ip access-list extended ttlfilter
|
Defines an IP access list by name.
- An access list that filters on a TTL value must be an extended access list.
|
|
[sequence-number] permit protocol source source-wildcard destination destination-wildcard ttl operator value
Example:
Router(config-ext-nacl)# permit ip host 172.16.1.1 any ttl lt 2
|
Sets conditions to allow a packet to pass a named IP access list.
- Every access list must have at least one permit statement.
- This example permits packets from source 172.16.1.1 to any destination with a TTL value less than 2.
|
|
Continue to add permit or deny statements to achieve the filtering you want.
|
The packets that pass the access list will be dropped. |
|
exit
Example:
Router(config-ext-nacl)# exit
|
Exits any configuration mode to the next highest mode in the CLI mode hierarchy. |
|
class-map class-map-name [match-all | match-any]
Example:
Router(config)# class-map acl-filtering
|
Creates a class map to be used for matching packets to a specified class. |
|
match access-group {access-group | name access-group-name}
Example:
Router(config-cmap)# match access-group name ttlfilter
|
Configures the match criteria for a class map on the basis of the specified access control list. |
|
exit
Example:
Router(config-cmap)# exit
|
Exits any configuration mode to the next highest mode in the CLI mode hierarchy. |
|
policy-map policy-map-name
Example:
Router(config)# policy-map acl-filter
|
Creates or modifies a policy map that can be attached to one or more interfaces to specify a service policy. |
|
class {class-name | class-default}
Example:
Router(config-pmap)# class acl-filter-class
|
Specifies the name of the class whose policy you want to create or change or to specify the default class (commonly known as the class-default class) before you configure its policy. |
|
drop
Example:
Router(config-pmap-c)# drop
|
Configures a traffic class to discard packets belonging to a specific class. |
|
exit
Example:
Router(config-pmap-c)# exit
|
Exits any configuration mode to the next highest mode in the CLI mode hierarchy. |
|
exit
Example:
Router(config-pmap)# exit
|
Exits any configuration mode to the next highest mode in the CLI mode hierarchy. |
|
control-plane
Example:
Router(config)# control-plane
|
Associates or modifies attributes or parameters that are associated with the control plane of the device. |
|
service-policy {input | output} policy-map-name
Example:
Router(config-cp)# service-policy input acl-filter
|
Attaches a policy map to a control plane for aggregate control plane services. |