On Cisco routers, an access control list can be used as a packet filter to permit or deny traffic. The format of the command is
access-list number action hostaddress mask
For example, to deny access to the Class C network 193.1.80.0/24 access-list 1 deny 193.1.80.0 0.0.0.255
To define a wildcard to block the range 172.16.16.0 to 172.16.19.0 (the equivalent of four class C addresses), use 0.0.3.255 access-list 1 deny 172.16.16.0.0 0.0.3.255
To define a wildcard to block the range 172.16.8.0 to 172.16.15.0 (the equivalent of eight class C addresses), use 0.0.7.255 access-list 1 deny 172.16.8.0.0 0.0.7.255