Extended IP Access Lists

Extended IP access lists provide far more flexibility in the specification of what is to be filtered. The basic format of the extended IP access list line is

access-list access-list-number {deny|permit} protocol source source-wildcard destination destination-wildcard [precedence precedence] [tos tos] [log]

Some of the features here are familiar, and some are new.

  • access-list-number, for extended IP access lists, is between 100 and 199.

  • protocol is a new variable that looks for a match in the protocol field of the IP packet header. The keyword choices are eigrp, gre, icmp, igmp, igrp, ip, ipinip, nos, ospf, tcp, or udp. An integer in the range 0 to 255 representing an IP protocol number may also be used. ip is a generic keyword, ...
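The following is an added example, not code from the book: a small Python model of how a line in the basic format above is validated and matched against a packet. The function names and the sample access list are constructed; it assumes standard IOS behaviour (wildcard bits set to 1 are ignored, the first matching line wins, an unmatched packet is denied, and ip matches any protocol).

```python
import ipaddress

# Protocol keywords from the text mapped to IP protocol numbers.
# "ip" is the generic keyword: None means "match any protocol".
PROTOCOLS = {"eigrp": 88, "gre": 47, "icmp": 1, "igmp": 2, "igrp": 9, "ip": None,
             "ipinip": 4, "nos": 94, "ospf": 89, "tcp": 6, "udp": 17}

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def parse_acl_line(line):
    """Parse one extended ACL line (hypothetical helper); precedence/tos are ignored."""
    tok = line.split()
    if len(tok) < 8 or tok[0] != "access-list":
        raise ValueError("not an extended access-list line")
    number = int(tok[1])
    if not 100 <= number <= 199:
        raise ValueError("extended IP access lists use numbers 100-199")
    if tok[2] not in ("permit", "deny"):
        raise ValueError("action must be permit or deny")
    proto = PROTOCOLS[tok[3]] if tok[3] in PROTOCOLS else int(tok[3])
    if proto is not None and not 0 <= proto <= 255:
        raise ValueError("protocol number must be 0-255")
    return {"number": number, "action": tok[2], "proto": proto,
            "src": (_ip(tok[4]), _ip(tok[5])), "dst": (_ip(tok[6]), _ip(tok[7])),
            "log": "log" in tok[8:]}

def _addr_match(addr, rule):
    base, wildcard = rule
    care = ~wildcard & 0xFFFFFFFF      # wildcard 1-bits are "don't care"
    return (_ip(addr) & care) == (base & care)

def evaluate(acl_lines, proto, src, dst):
    """Return the action of the first matching line, else the implicit deny."""
    for line in acl_lines:
        r = parse_acl_line(line)
        if (r["proto"] in (None, proto) and _addr_match(src, r["src"])
                and _addr_match(dst, r["dst"])):
            return r["action"]
    return "deny"

# Constructed sample list: block TCP from 10.1.1.0/24 to 192.168.5.0/24,
# then permit everything else sourced from 10.1.0.0/16.
SAMPLE_ACL = [
    "access-list 101 deny tcp 10.1.1.0 0.0.0.255 192.168.5.0 0.0.0.255 log",
    "access-list 101 permit ip 10.1.0.0 0.0.255.255 0.0.0.0 255.255.255.255",
]
```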
