ACL基础配置

标准
access-list 1-99 permit/deny  IP/any/host  反码
接口下  ip access-group 1-99 in/out

access-list 1 permit 192.168.1.1 0.0.0.0 等于
access-list 1 permit 192.168.1.1
access-list 1 permit 0.0.0.0 255.255.255.255 等于
access-list 1 permit any

扩展
access-list 100-199 permit/deny  协议/TCP/UDP  源地址 反码 目的地址 反码 eq 端口号
接口下  ip access-group 100-199 in/out

access-list 100 permit ip 192.168.1.1 0.0.0.0 192.168.2.1 0.0.0.0 等于
access-list 100 permit ip host 192.168.1.1 host 192.168.2.1

命名
ip access-list standard 1-99
ip access-list extended 100-199
每行默认+10 ，可在行中添加