命名擴展ip訪問控制列表配置命令中的port范圍？

Router(config)#ip access-list ?

extended Extended Access List 擴展ACL

standard Standard Access List 標準ACL

Router(config)#ip access-list extended denystuwww

Router(config-ext-nacl)#deny ?

icmp Internet Control Message Protocol ICMP協(xié)議

ip Any Internet Protocol IP協(xié)議

tcp Transmission Control Protocol TCP協(xié)議

udp User Datagram Protocol UDP協(xié)議

(以上這些單詞各有什么含義?)

Router(config-ext-nacl)#deny tcp 192.168.30.0 0.0.0.255 192.168.10.0 0.0.0.255 ?

eq Match only packets on a given port number 等于

established established 激活的鏈接

gt Match only packets with a greater port number 大于

lt Match only packets with a lower port number 小于

neq Match only packets not on a given port number 非

range Match only packets in the range of port numbers 范圍

Router(config-ext-nacl)#deny tcp 192.168.30.0 0.0.0.255 192.168.10.0 0.0.0.255 eq www

這條ACL的意思是禁止192.168.30.0/24的機器訪問192.168.10.0/24的機器的WWW服務