Specific Topics
Here are a few ideas and tricks that will help you write access lists that are appropriate for your network.
Adding Comments to an Access List
You can add comments to access lists by using the remark keyword. Place any descriptive text you want after this keyword. Remarks work in named and numbered access lists.
    access-list 110 remark Block traffic to 192.168.1.0. They cause trouble
    access-list 110 deny ip 192.168.1.0 0.0.0.255 any
    access-list 110 remark Worker bob surfs the internet all day, so stop him
    access-list 110 deny tcp host 192.168.2.1 any eq www
Timed Access Lists
Sometimes, we want to control traffic based on the time of day. For example, we might want to prevent staff members from browsing the Web during work hours. So far, we don’t have a way to do that aside from reconfiguring access lists every day at 8 A.M. and 5 P.M. IOS provides an easy solution to this problem. We can use the time-range command to establish a time range; then we can apply the time range to access list rules, establishing times when the rule is active.
For example, let’s build a time range that includes working hours on weekdays:
    ! This is a global command
    time-range block-http
     periodic weekdays 8:00 to 17:00
This time range has the name block-http and is periodic, which means that the time range repeats. (In contrast, an absolute time range has a single fixed starting and ending point.) Now, it is just a matter of adding the time range to a rule in an extended access list:
! Timed ...
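The following is an added example, not the book's own listing: it puts the block-http time range on an extended access list entry, binds the list to an interface, and notes how to verify that the timed entry is really active. The interface name FastEthernet0/0 and the NTP server address 192.0.2.10 are assumptions.

```cisco
! Added example (not from the book). Assumptions: the staff LAN is on
! FastEthernet0/0 and 192.0.2.10 is a placeholder NTP server address.
!
! A time range is evaluated against the router's own clock, so keep the
! clock synchronised; an unsynchronised clock makes the rule apply at the
! wrong hours without any error being reported.
ntp server 192.0.2.10
!
time-range block-http
 periodic weekdays 8:00 to 17:00
!
! The deny entry is only enforced while block-http is active; outside
! working hours it is skipped and web traffic falls through to the permit.
access-list 110 remark Block web browsing during working hours
access-list 110 deny tcp any any eq www time-range block-http
access-list 110 permit ip any any
!
interface FastEthernet0/0
 ip access-group 110 in
!
! Verification (exec mode): show time-range reports whether the range is
! currently active, and show access-lists marks the timed entry as active
! or inactive, so you can confirm the rule is doing what you expect.
! show time-range block-http
! show access-lists 110
```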