ACL基礎配置

標準
access-list 1-99 permit/deny  IP/any/host  反碼
接口下  ip access-group 1-99 in/out

access-list 1 permit 192.168.1.1 0.0.0.0 等於
access-list 1 permit 192.168.1.1
access-list 1 permit 0.0.0.0 255.255.255.255 等於
access-list 1 permit any

擴展
access-list 100-199 permit/deny  協議/TCP/UDP  源地址 反碼 目的地址 反碼 eq 端口號
接口下  ip access-group 100-199 in/out

access-list 100 permit ip 192.168.1.1 0.0.0.0 192.168.2.1 0.0.0.0 等於
access-list 100 permit ip host 192.168.1.1 host 192.168.2.1

命名
ip access-list standard 1-99
ip access-list extended 100-199
每行默認+10 ，可在行中添加